summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2021-03-13 12:32:20 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2021-03-13 12:32:20 +0000
commit23e02480725e62cf54607e1a1225f32f80687fde (patch)
treeb8083d4dd34e2ce2a33953cce87d8731ff3fe40f
parentAdding debian version 1:8.4p1-4. (diff)
downloadopenssh-debian.tar.xz
openssh-debian.zip
Adding debian version 1:8.4p1-5.debian/1%8.4p1-5debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r--debian/.git-dpm4
-rw-r--r--debian/changelog6
-rw-r--r--debian/patches/series1
-rw-r--r--debian/patches/ssh-agent-double-free.patch26
4 files changed, 35 insertions, 2 deletions
diff --git a/debian/.git-dpm b/debian/.git-dpm
index 2e55458..7f231bb 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,6 +1,6 @@
# see git-dpm(1) from git-dpm package
-27cf2f667b46a99f4469f41bcb8e004834a3d34f
-27cf2f667b46a99f4469f41bcb8e004834a3d34f
+421db3656dcafbe810226463bf27a18a0b1c3186
+421db3656dcafbe810226463bf27a18a0b1c3186
2b2c99658e3e8ed452e28f88f9cdbcdfb2a461cb
2b2c99658e3e8ed452e28f88f9cdbcdfb2a461cb
openssh_8.4p1.orig.tar.gz
diff --git a/debian/changelog b/debian/changelog
index 9b1a33a..5c7c62c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+openssh (1:8.4p1-5) unstable; urgency=high
+
+ * CVE-2021-28041: Fix double free in ssh-agent(1) (closes: #984940).
+
+ -- Colin Watson <cjwatson@debian.org> Sat, 13 Mar 2021 09:59:40 +0000
+
openssh (1:8.4p1-4) unstable; urgency=medium
* Avoid using libmd's <sha2.h> even if it's installed (closes: #982705).
diff --git a/debian/patches/series b/debian/patches/series
index 5b00428..8f6b09f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -25,3 +25,4 @@ conch-old-privkey-format.patch
revert-ipqos-defaults.patch
revert-x32-sandbox-breakage.patch
ssh-copy-id-heredoc-syntax.patch
+ssh-agent-double-free.patch
diff --git a/debian/patches/ssh-agent-double-free.patch b/debian/patches/ssh-agent-double-free.patch
new file mode 100644
index 0000000..20ae613
--- /dev/null
+++ b/debian/patches/ssh-agent-double-free.patch
@@ -0,0 +1,26 @@
+From 421db3656dcafbe810226463bf27a18a0b1c3186 Mon Sep 17 00:00:00 2001
+From: Colin Watson <cjwatson@debian.org>
+Date: Sat, 13 Mar 2021 09:35:05 +0000
+Subject: Double free in ssh-agent(1)
+
+Origin: upstream, https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/015_sshagent.patch.sig
+Bug-Debian: https://bugs.debian.org/984940
+Last-Update: 2021-03-13
+
+Patch-Name: ssh-agent-double-free.patch
+---
+ ssh-agent.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/ssh-agent.c b/ssh-agent.c
+index e1fd1f3f6..48155c96e 100644
+--- a/ssh-agent.c
++++ b/ssh-agent.c
+@@ -581,6 +581,7 @@ process_add_identity(SocketEntry *e)
+ goto err;
+ }
+ free(ext_name);
++ ext_name = NULL;
+ break;
+ default:
+ error("%s: Unknown constraint %d", __func__, ctype);