diff options
author | Peter Korsgaard <peter@korsgaard.com> | 2019-03-20 22:18:59 +0100 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2019-03-27 22:31:53 +0100 |
commit | b5735379c5713aa994e4bf4209692cb4e0f6e3c8 (patch) | |
tree | be0daa7d12a33276abadf433c40dbdb4b3af57d3 | |
parent | 1f464e0314a76fc60eb54679f62a5c65165f0687 (diff) | |
download | buildroot-b5735379c5713aa994e4bf4209692cb4e0f6e3c8.tar.gz buildroot-b5735379c5713aa994e4bf4209692cb4e0f6e3c8.zip |
package/libssh2: security bump to latest git
Bump the version to latest git to fix the following security issues:
CVE-2019-3855
Possible integer overflow in transport read allows out-of-bounds write
URL: https://www.libssh2.org/CVE-2019-3855.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3855.patch
CVE-2019-3856
Possible integer overflow in keyboard interactive handling allows
out-of-bounds write
URL: https://www.libssh2.org/CVE-2019-3856.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch
CVE-2019-3857
Possible integer overflow leading to zero-byte allocation and out-of-bounds
write
URL: https://www.libssh2.org/CVE-2019-3857.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3857.patch
CVE-2019-3858
Possible zero-byte allocation leading to an out-of-bounds read
URL: https://www.libssh2.org/CVE-2019-3858.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3858.patch
CVE-2019-3859
Out-of-bounds reads with specially crafted payloads due to unchecked use of
`_libssh2_packet_require` and `_libssh2_packet_requirev`
URL: https://www.libssh2.org/CVE-2019-3859.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3859.patch
CVE-2019-3860
Out-of-bounds reads with specially crafted SFTP packets
URL: https://www.libssh2.org/CVE-2019-3860.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3860.patch
CVE-2019-3861
Out-of-bounds reads with specially crafted SSH packets
URL: https://www.libssh2.org/CVE-2019-3861.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3861.patch
CVE-2019-3862
Out-of-bounds memory comparison
URL: https://www.libssh2.org/CVE-2019-3862.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3862.patch
CVE-2019-3863
Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes
URL: https://www.libssh2.org/CVE-2019-3863.html
Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3863.txt
Drop 0003-openssl-fix-dereferencing-ambiguity-potentially-caus.patch as that
is now upstream.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit f4f7dd9557cf139f6014ada77e947152d5a82fb3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
-rw-r--r-- | package/libssh2/0003-openssl-fix-dereferencing-ambiguity-potentially-caus.patch | 51 | ||||
-rw-r--r-- | package/libssh2/libssh2.hash | 2 | ||||
-rw-r--r-- | package/libssh2/libssh2.mk | 2 |
3 files changed, 2 insertions, 53 deletions
diff --git a/package/libssh2/0003-openssl-fix-dereferencing-ambiguity-potentially-caus.patch b/package/libssh2/0003-openssl-fix-dereferencing-ambiguity-potentially-caus.patch deleted file mode 100644 index 44eed2bac4..0000000000 --- a/package/libssh2/0003-openssl-fix-dereferencing-ambiguity-potentially-caus.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 28fe5e4de437f8fce6e428b7db9bc8640cda4c61 Mon Sep 17 00:00:00 2001 -From: Giulio Benetti <giulio.benetti@micronovasrl.com> -Date: Thu, 13 Sep 2018 09:51:35 +0200 -Subject: [PATCH] openssl: fix dereferencing ambiguity potentially causing - build failure -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -When dereferencing from *aes_ctr_cipher, being a pointer itself, -ambiguity can occur with compiler and build can fail reporting: -openssl.c:574:20: error: ‘*aes_ctr_cipher’ is a pointer; did you mean to use ‘->’? - *aes_ctr_cipher->nid = type; - -Sorround every *aes_ctr_cipher-> occurence with paranthesis like this -(*aes_ctr_cipher)-> - -Signed-off-by: Giulio Benetti <giulio.benetti@micronovasrl.com> -Upstream: https://github.com/libssh2/libssh2/commit/b5b6673c2823a18753a14571a6c01bde33fa3a8b ---- - src/openssl.c | 14 +++++++------- - 1 file changed, 7 insertions(+), 7 deletions(-) - -diff --git a/src/openssl.c b/src/openssl.c -index 678d5de..c26aaec 100644 ---- a/src/openssl.c -+++ b/src/openssl.c -@@ -571,13 +571,13 @@ make_ctr_evp (size_t keylen, EVP_CIPHER **aes_ctr_cipher, int type) - EVP_CIPHER_meth_set_cleanup(*aes_ctr_cipher, aes_ctr_cleanup); - } - #else -- *aes_ctr_cipher->nid = type; -- *aes_ctr_cipher->block_size = 16; -- *aes_ctr_cipher->key_len = keylen; -- *aes_ctr_cipher->iv_len = 16; -- *aes_ctr_cipher->init = aes_ctr_init; -- *aes_ctr_cipher->do_cipher = aes_ctr_do_cipher; -- *aes_ctr_cipher->cleanup = aes_ctr_cleanup; -+ (*aes_ctr_cipher)->nid = type; -+ (*aes_ctr_cipher)->block_size = 16; -+ (*aes_ctr_cipher)->key_len = keylen; -+ (*aes_ctr_cipher)->iv_len = 16; -+ (*aes_ctr_cipher)->init = aes_ctr_init; -+ (*aes_ctr_cipher)->do_cipher = aes_ctr_do_cipher; -+ (*aes_ctr_cipher)->cleanup = aes_ctr_cleanup; - #endif - - return *aes_ctr_cipher; --- -2.17.1 - diff --git a/package/libssh2/libssh2.hash b/package/libssh2/libssh2.hash index d57c8d7062..c4732a2c07 100644 --- a/package/libssh2/libssh2.hash +++ b/package/libssh2/libssh2.hash @@ -1,3 +1,3 @@ # Locally calculated -sha256 ec2b32b44ae5f8fe094f663f63953fb31314de838eb36e8c47e5a89137b5a1bc libssh2-8b870ad771cbd9cd29edbb3dbb0878e950f868ab.tar.gz +sha256 468e7a81a8121c06cb099eef2e17106b0b8c2e1d890b1c0e34e1951f182babb1 libssh2-1b3cbaff518f32e5b70650d4b7b52361b1410d37.tar.gz sha256 e15ed284a15e80115467d6d7f030f0d89d8fabbecd78fb6e0f861f0cfc128fd9 COPYING diff --git a/package/libssh2/libssh2.mk b/package/libssh2/libssh2.mk index 89cb733224..ed0dd40bec 100644 --- a/package/libssh2/libssh2.mk +++ b/package/libssh2/libssh2.mk @@ -4,7 +4,7 @@ # ################################################################################ -LIBSSH2_VERSION = 8b870ad771cbd9cd29edbb3dbb0878e950f868ab +LIBSSH2_VERSION = 1b3cbaff518f32e5b70650d4b7b52361b1410d37 LIBSSH2_SITE = $(call github,libssh2,libssh2,$(LIBSSH2_VERSION)) LIBSSH2_LICENSE = BSD LIBSSH2_LICENSE_FILES = COPYING |