rpms/scponly/devel scponly-4.6-CVE-2007-6415.patch, NONE, 1.1 scponly.spec, 1.9, 1.10
Tomas Hoger (thoger)
fedora-extras-commits at redhat.com
Wed Feb 13 19:56:08 UTC 2008
Author: thoger
Update of /cvs/extras/rpms/scponly/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5394
Modified Files:
scponly.spec
Added Files:
scponly-4.6-CVE-2007-6415.patch
Log Message:
Add patch for CVE-2007-6415, #426072
scponly-4.6-CVE-2007-6415.patch:
--- NEW FILE scponly-4.6-CVE-2007-6415.patch ---
diff -pruN scponly-4.6.orig/helper.c scponly-4.6/helper.c
--- scponly-4.6.orig/helper.c 2006-01-31 23:04:16.000000000 +0100
+++ scponly-4.6/helper.c 2008-02-13 20:11:58.000000000 +0100
@@ -181,10 +181,10 @@ int check_dangerous_args(char **av)
*/
opterr=cmdarg->strict;
while ((ch = getopt(ac, av, cmdarg->opts)) != -1)
- if (ch == cmdarg->badarg[0])
+ if (strchr(cmdarg->badarg, ch) || (cmdarg->strict && ch == '?'))
{
- syslog(LOG_ERR, "option %s is not permitted for use with %s (arg was %s)(%s))",
- cmdarg->badarg, cmdarg->name, optarg, logstamp());
+ syslog(LOG_ERR, "option -%c is not permitted for use with %s (arg was %s)(%s))",
+ ch, cmdarg->name, optarg, logstamp());
return 1;
}
#elif
diff -pruN scponly-4.6.orig/scponly.c scponly-4.6/scponly.c
--- scponly-4.6.orig/scponly.c 2006-01-31 00:09:40.000000000 +0100
+++ scponly-4.6/scponly.c 2008-02-13 20:11:58.000000000 +0100
@@ -92,7 +92,7 @@ cmd_arg_t dangerous_args[] =
* program name use getopt? strict optlist? optname optlist
*/
#ifdef ENABLE_SCP2
- { PROG_SCP, 1, 1, "S", "dfl:prtvBCc:i:P:q1246S:o:F:" },
+ { PROG_SCP, 1, 1, "SoF", "dfl:prtvBCc:i:P:q1246S:o:F:" },
#endif
#ifdef RSYNC_COMPAT
{ PROG_RSYNC, 1, 0, "e", "e:" },
Index: scponly.spec
===================================================================
RCS file: /cvs/extras/rpms/scponly/devel/scponly.spec,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- scponly.spec 11 Feb 2008 20:36:42 -0000 1.9
+++ scponly.spec 13 Feb 2008 19:55:32 -0000 1.10
@@ -1,12 +1,13 @@
Summary: Restricted shell for ssh based file services
Name: scponly
Version: 4.6
-Release: 9%{?dist}
+Release: 10%{?dist}
License: BSD
Group: Applications/Internet
URL: http://sublimation.org/scponly/
Source: http://sublimation.org/scponly/scponly-%{version}.tgz
Patch0: scponly-install.patch
+Patch1: scponly-4.6-CVE-2007-6415.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
# Checks only for location of binaries
@@ -24,6 +25,7 @@
%prep
%setup -q
%patch0 -p1
+%patch1 -p1 -b .CVE-2007-6415
%build
%configure --enable-scp-compat --enable-winscp-compat --enable-chrooted-binary
@@ -56,6 +58,10 @@
%config(noreplace) %{_sysconfdir}/scponly/*
%changelog
+* Wed Feb 13 2008 Tomas Hoger <thoger at redhat.com> - 4.6-10
+- Add patch to prevent restriction bypass using OpenSSH's scp options -F
+ and -o (CVE-2007-6415, #426072)
+
* Mon Feb 11 2008 Warren Togami <wtogami at redhat.com> - 4.6-9
- rebuild with gcc-4.3
More information about the fedora-extras-commits
mailing list