Index: UPDATING
===================================================================
--- UPDATING (版本 320912)
+++ UPDATING (版本 322344)
@@ -16,6 +16,10 @@
stable/10, and then rebuild without this option. The bootstrap process from
older version of current is a bit fragile.
+20170810 p21 FreeBSD-SA-17:06.openssh
+
+ Fix OpenSSH Denial of Service vulnerability. [SA-17:06]
+
20170712 p20 FreeBSD-SA-17:05.heimdal
FreeBSD-EN-17:06.hyperv
Index: crypto/openssh/auth-passwd.c
===================================================================
--- crypto/openssh/auth-passwd.c (版本 320912)
+++ crypto/openssh/auth-passwd.c (版本 322344)
@@ -66,6 +66,8 @@
#define DAY (24L * 60 * 60) /* 1 day in seconds */
#define TWO_WEEKS (2L * 7 * DAY) /* 2 weeks in seconds */
+#define MAX_PASSWORD_LEN 1024
+
void
disable_forwarding(void)
{
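Review bot: `MAX_PASSWORD_LEN` is added without the trailing comment that the neighbouring `DAY` and `TWO_WEEKS` defines carry, so nothing states what unit the limit is in or whether it counts the terminator. Since the later hunk compares it with `strlen(password) >`, I would write `#define MAX_PASSWORD_LEN 1024 /* longest accepted password, in bytes, excluding NUL */`. A short note on why the bound exists (presumably to cap the per-attempt cost of hashing attacker-supplied input, given the advisory named in UPDATING) would help anyone who later wants to raise it.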
@@ -87,6 +89,9 @@
static int expire_checked = 0;
#endif
+ if (strlen(password) > MAX_PASSWORD_LEN)
+ return 0;
+
#ifndef HAVE_CYGWIN
if (pw->pw_uid == 0 && options.permit_root_login != PERMIT_YES)
ok = 0;
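Review bot: The new guard `if (strlen(password) > MAX_PASSWORD_LEN) return 0;` rejects silently, so in the daemon's own output an oversized-password attempt looks the same as an ordinary wrong password. Because this is the denial-of-service fix named in UPDATING, those attempts are a useful detection signal. I would add a line such as `debug("%s: password longer than MAX_PASSWORD_LEN, rejecting", __func__);` before the `return 0;`, logging only the fact of rejection and never the password or its length. This assumes the file already pulls in the logging helpers, which the hunk does not show. A one-line comment above the check, `/* refuse overlong passwords before any backend hashes them */`, would also record why it sits ahead of the other checks. The enclosing function starts and ends outside the hunk, so I cannot confirm that `password` is non-NULL at this point.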
Index: crypto/heimdal/lib/krb5/ticket.c
===================================================================
--- crypto/heimdal/lib/krb5/ticket.c (版本 320912)
+++ crypto/heimdal/lib/krb5/ticket.c (版本 322344)
@@ -713,8 +713,8 @@
/* check server referral and save principal */
ret = _krb5_principalname2krb5_principal (context,
&tmp_principal,
- rep->kdc_rep.ticket.sname,
- rep->kdc_rep.ticket.realm);
+ rep->enc_part.sname,
+ rep->enc_part.srealm);
if (ret)
goto out;
if((flags & EXTRACT_TICKET_ALLOW_SERVER_MISMATCH) == 0){
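Review bot: The switch from `rep->kdc_rep.ticket.sname`/`realm` to `rep->enc_part.sname`/`srealm` is security-relevant, but the only comment above the call still reads "check server referral and save principal", which does not say why the source matters. The outer ticket fields of a KDC reply are not covered by the reply's encryption, while `enc_part` is. A later cleanup that "simplifies" this back to the ticket fields would reintroduce a server-identity spoofing risk. I would extend the comment to something like `/* take sname/srealm from the decrypted enc_part; the ticket's outer name fields are unauthenticated and must not be trusted here */`. The function continues outside the hunk, so I cannot confirm from here that `enc_part` has already been decrypted and validated on every path that reaches this call.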
Index: sys/conf/newvers.sh
===================================================================
--- sys/conf/newvers.sh (版本 320912)
+++ sys/conf/newvers.sh (版本 322344)
@@ -32,7 +32,7 @@
TYPE="FreeBSD"
REVISION="10.3"
-BRANCH="RELEASE-p20"
+BRANCH="RELEASE-p21"
if [ "X${BRANCH_OVERRIDE}" != "X" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi