From owner-freebsd-security Fri Feb 9 13:22:48 2001
Delivered-To: freebsd-security@freebsd.org
Received: from earth.backplane.com (earth-nat-cw.backplane.com [208.161.114.67]) by hub.freebsd.org (Postfix) with ESMTP id 3A7B037B491; Fri, 9 Feb 2001 13:22:27 -0800 (PST)
Received: (from dillon@localhost) by earth.backplane.com (8.11.1/8.9.3) id f19LMBh08953; Fri, 9 Feb 2001 13:22:11 -0800 (PST) (envelope-from dillon)
Date: Fri, 9 Feb 2001 13:22:11 -0800 (PST)
From: Matt Dillon
Message-Id: <200102092122.f19LMBh08953@earth.backplane.com>
To: Alfred Perlstein
Cc: green@FreeBSD.ORG, security@FreeBSD.ORG
Subject: Re: OpenSSH port patch
References: <20010209110044.I26076@fw.wintelcom.net>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I think it's a whole lot better than simply marking the package forbidden!
I was actually surprised that the package was marked forbidden, when the
fix is only a few minutes of work.

-Matt

:Please trim CC!
:
:This removes the 'forbidden' and adds a patch to correct the
:hash overflow as suggested by the Bindview audit.
:
:I'm cc'ing Brian Feldman (green) because he's maintainer, -ports
:because I'm not really good at ports and -security so that people
:can look this over.
:
:May I apply this patch?
:
:Index: Makefile
:===================================================================
:RCS file: /home/ncvs/ports/security/openssh/Makefile,v
:retrieving revision 1.57
:diff -u -u -r1.57 Makefile
:--- Makefile 2001/02/09 04:58:24 1.57
:+++ Makefile 2001/02/09 18:53:06
:@@ -20,8 +20,6 @@
: 
: .include 
: 
:-FORBIDDEN= "Remote vulnerabilities"
:-
: CRYPTOLIBS= -L${OPENSSLLIB} -lcrypto
: # Here, MANDIR is concetenated to DESTDIR which all forms the man install dir...
: MAKE_ENV+= DESTDIR=${PREFIX} MANDIR=/man/man CRYPTOLIBS="${CRYPTOLIBS}"
:Index: files/patch-az
:===================================================================
:RCS file: patch-az
:diff -N patch-az
:--- /dev/null Fri Feb 9 10:59:20 2001
:+++ patch-az Fri Feb 9 10:58:58 2001
:@@ -0,0 +1,11 @@
:+--- /home/bright/ssh/ssh/deattack.c Fri Aug 18 19:17:12 2000
:++++ deattack.c Fri Feb 9 10:58:54 2001
:+@@ -84,7 +84,7 @@
:+ detect_attack(unsigned char *buf, u_int32_t len, unsigned char *IV)
:+ {
:+ static u_int16_t *h = (u_int16_t *) NULL;
:+- static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
:++ static u_int32_t n = HASH_MINSIZE / HASH_ENTRYSIZE;
:+ register u_int32_t i, j;
:+ u_int32_t l;
:+ register unsigned char *c;
:
:-- 
:-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
:"I have the heart of a child; I keep it in a jar on my desk."
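Review bot: The Makefile hunk removes FORBIDDEN= "Remote vulnerabilities" outright, while the accompanying description and the new files/patch-az address only the deattack.c hash overflow from the Bindview audit; if the FORBIDDEN marker was covering anything beyond that single issue, it should remain until those are fixed as well. It would also help later maintainers to record, in a one-line comment near where FORBIDDEN was or in the commit message, that patch-az is what clears the marker, so a future version bump does not silently drop the patch.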
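Review bot: The files/patch-az hunk widens only the declaration `static u_int16_t n = HASH_MINSIZE / HASH_ENTRYSIZE;` to `static u_int32_t n = ...;`, which brings n in line with the u_int32_t used for len, i, j and l in the same function, but the eleven-line patch shows no other use of n; before applying, confirm that every other place n is assigned, compared or used to size the table (none are visible in this hunk) does not still narrow it back to 16 bits through a local, a parameter or a cast. As a style point, the `---` line of the embedded diff names a developer home-directory path (/home/bright/ssh/ssh/deattack.c); a relative name such as deattack.c.orig would read better for a patch shipped in the port's files/ directory.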