Author: thomas
Date: Tue Mar 2 08:40:31 2021
New Revision: 24325
Log:
Fix a seccomp issue in OpenSSH
Modified:
trunk/BOOK/introduction/welcome/changelog.xml
trunk/BOOK/postlfs/security/openssh.xml
Modified: trunk/BOOK/introduction/welcome/changelog.xml
==============================================================================
--- trunk/BOOK/introduction/welcome/changelog.xml Tue Mar 2 03:21:49
2021 (r24324)
+++ trunk/BOOK/introduction/welcome/changelog.xml Tue Mar 2 08:40:31
2021 (r24325)
@@ -45,6 +45,9 @@
<para>March 2nd, 2021</para>
<itemizedlist>
<listitem>
+ <para>[thomas] - Fix a seccomp issue in OpenSSH on non-x86_64
platforms.</para>
+ </listitem>
+ <listitem>
<para>[ken] - Update to nss-3.62. Fixes
<ulink url="&blfs-ticket-root;14684">#14684</ulink>.</para>
</listitem>
Modified: trunk/BOOK/postlfs/security/openssh.xml
==============================================================================
--- trunk/BOOK/postlfs/security/openssh.xml Tue Mar 2 03:21:49 2021
(r24324)
+++ trunk/BOOK/postlfs/security/openssh.xml Tue Mar 2 08:40:31 2021
(r24325)
@@ -152,6 +152,17 @@
<screen><userinput remap="pre">sed -e '/INSTALLKEYS_SH/s/)//' -e '260a\ )' -i
contrib/ssh-copy-id</userinput></screen>
<para>
+ Next, fix an issue on platforms other than x86_64:
+ </para>
+ <screen><userinput remap="pre">if [ "$(uname -m)" != "x86_64" ]; then
+ l1="#ifdef __NR_pselect6_time64"
+ l2=" SC_ALLOW(__NR_pselect6_time64),"
+ l3="#endif"
+ sed -e "/^#ifdef __NR_read$/ i $l1\n$l2\n$l3" \
+ -i sandbox-seccomp-filter.c
+fi</userinput></screen>
+
+ <para>
Install <application>OpenSSH</application> by running the following
commands:
</para>
--
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
