commit 181b6db58bf9afd716e79abc67c2d44eba94ee66 Author: Juergen Daubert <jue@jue.li> Date: Mon Jan 14 15:10:57 2019 +0100 openssh: complete fix for CVE-2018-20685 diff --git a/openssh/.signature b/openssh/.signature index a2d56d2c..412f28da 100644 --- a/openssh/.signature +++ b/openssh/.signature @@ -1,6 +1,7 @@ untrusted comment: verify with /etc/ports/core.pub -RWRJc1FUaeVeqlxPY59pFAHClPfNubJjgHi9wwUh9toEBa8B/aMKA8MrHVVXX5MxMifd+ffv3sgnRChpvhDO7RpkbRN1sI1QZAY= -SHA256 (Pkgfile) = bb8f91b138b7049c854009701d6b8a7052c2e3b6cc10fb120858f70550cf7be8 +RWRJc1FUaeVeqh/5l9mXUVHkgalsQ5Cwa+YDc8w3lOCkjVbtP23XeCFrVEqpARDrlYWRfYlCt93PAg31KIVzAaImIHnpfYVoQwQ= +SHA256 (Pkgfile) = 7dabfc94184cee52c6dacf3138b06dac42fbcdf176abb26e261989bdbe35cdd7 SHA256 (.footprint) = 49ebea9770f893cbe403018d12a23303ae4652d2af3f1128b25c23df27282324 SHA256 (openssh-7.9p1.tar.gz) = 6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aad SHA256 (sshd) = 59cb8cff9890e9f5c617c5bd4e5a15e5e4bcc4bf35eb73a80322825db60bbfd4 +SHA256 (CVE-2018-20685.patch) = 310347b0173cd97c996a63f703040be07d87ea1a5f4cbe81a3cbdf409b36f7e2 diff --git a/openssh/Pkgfile b/openssh/Pkgfile index 025f533c..8805c6b8 100644 --- a/openssh/Pkgfile +++ b/openssh/Pkgfile @@ -5,11 +5,15 @@ name=openssh version=7.9p1 -release=1 -source=(http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$name-$version.tar.gz sshd) +release=2 +source=(http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/$name-$version.tar.gz + sshd CVE-2018-20685.patch) build() { cd $name-$version + + patch -p1 -i $SRC/CVE-2018-20685.patch + ./configure --prefix=/usr \ --libexecdir=/usr/lib/ssh \ --sysconfdir=/etc/ssh \