From owner-freebsd-ports Thu Sep 2 1:20: 5 1999 Delivered-To: freebsd-ports@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 602F614FDA for ; Thu, 2 Sep 1999 01:20:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id BAA53127; Thu, 2 Sep 1999 01:20:02 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from mx1.issei.org (mx1.issei.org [210.254.221.66]) by hub.freebsd.org (Postfix) with ESMTP id B90C514EC5 for ; Thu, 2 Sep 1999 01:18:23 -0700 (PDT) (envelope-from issei@issei.org) Received: from tole.issei.org (tole.issei.org [210.254.221.67]) by mx1.issei.org (8.9.3+3.2W/3.7W-v6) with ESMTP/IPv4 id QAA17927 for ; Thu, 2 Sep 1999 16:46:12 +0900 (JST) (envelope-from issei@issei.org) Received: by tole.issei.org (Postfix, from userid 3001) id 0794C1F34; Thu, 2 Sep 1999 16:46:11 +0900 (JST) Message-Id: <19990902074611.0794C1F34@tole.issei.org> Date: Thu, 2 Sep 1999 16:46:11 +0900 (JST) From: issei@jp.FreeBSD.org Reply-To: issei@jp.FreeBSD.org To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: ports/13536: Update port : security/ssh (security fix) Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 13536 >Category: ports >Synopsis: Security fix : security/ssh port. >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Thu Sep 2 01:20:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Issei Suzuki >Release: FreeBSD 3.2-STABLE i386 >Organization: Individual >Environment: OS: FreeBSD 3.2-STABLE (Jun 1999) bsd.port.mk: $Id: bsd.port.mk,v 1.306 1999/03/08 07:23:10 asami Exp $ >Description: Patch for problem with tty ownership with chflags and chown in BSD 4.4 variants. Fixes a security bug in tty allocation. >How-To-Repeat: >Fix: Apply the following patch. # I mailed the maintainer a few days ago, but he has not reply yet. diff -urN ssh.old/Makefile ssh/Makefile --- ssh.old/Makefile Tue Aug 31 19:17:41 1999 +++ ssh/Makefile Wed Sep 1 16:44:37 1999 @@ -13,6 +13,10 @@ CATEGORIES= security net MASTER_SITES= ftp://ftp.cs.hut.fi/pub/ssh/ +PATCH_SITES= http://www.ssh.fi/sshprotocols2/patches/ +PATCHFILES= patch-${DISTNAME}-bsd.tty.chown +PATCH_DIST_STRIP= -p1 + MAINTAINER= torstenb@FreeBSD.org # You can set USA_RESIDENT appropriately in /etc/make.conf if this bugs you.. diff -urN ssh.old/files/md5 ssh/files/md5 --- ssh.old/files/md5 Wed Jun 16 07:36:30 1999 +++ ssh/files/md5 Thu Sep 2 05:10:05 1999 @@ -1 +1,2 @@ MD5 (ssh-1.2.27.tar.gz) = c22bc000bee0f7d6f4845eab72a81395 +MD5 (patch-ssh-1.2.27-bsd.tty.chown) = e4d7755994c2fa0d419a60723e8a9d53 >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message