Fix CVE-2025-32728
Signed-off-by: hdliu <dev03108@linx-info.com>
This commit is contained in:
hdliu
parent
efb9581d44
commit
bbdf6195f7
39
backport-upstream_CVE-2025-32728.patch
Normal file
39
backport-upstream_CVE-2025-32728.patch
Normal file
@ -0,0 +1,39 @@
|
||||
From a14795025b80225ca3741073c48783604189b663 Mon Sep 17 00:00:00 2001
|
||||
From: root <root@localhost.localdomain>
|
||||
Date: Mon, 14 Apr 2025 12:48:57 +0800
|
||||
Subject: [PATCH] Fix logic error in DisableForwarding option. This option
|
||||
|
||||
was documented as disabling X11 and agent forwarding but it failed to do so.
|
||||
Spotted by Tim Rice.
|
||||
|
||||
OpenBSD-Commit-ID: fffc89195968f7eedd2fc57f0b1f1ef3193f5ed1
|
||||
---
|
||||
session.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/session.c b/session.c
|
||||
index 1b67393..e968c22 100644
|
||||
--- a/session.c
|
||||
+++ b/session.c
|
||||
@@ -2345,7 +2345,8 @@ session_auth_agent_req(struct ssh *ssh, Session *s)
|
||||
if ((r = sshpkt_get_end(ssh)) != 0)
|
||||
sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
|
||||
if (!auth_opts->permit_agent_forwarding_flag ||
|
||||
- !options.allow_agent_forwarding) {
|
||||
+ !options.allow_agent_forwarding ||
|
||||
+ options.disable_forwarding) {
|
||||
debug_f("agent forwarding disabled");
|
||||
return 0;
|
||||
}
|
||||
@@ -2761,7 +2762,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
|
||||
ssh_packet_send_debug(ssh, "X11 forwarding disabled by key options.");
|
||||
return 0;
|
||||
}
|
||||
- if (!options.x11_forwarding) {
|
||||
+ if (!options.x11_forwarding || options.disable_forwarding) {
|
||||
debug("X11 forwarding disabled in server configuration file.");
|
||||
return 0;
|
||||
}
|
||||
--
|
||||
2.33.0
|
||||
|
||||
10
openssh.spec
10
openssh.spec
@ -6,7 +6,7 @@
|
||||
%{?no_gtk2:%global gtk2 0}
|
||||
|
||||
%global sshd_uid 74
|
||||
%global openssh_release 34
|
||||
%global openssh_release 35
|
||||
|
||||
Name: openssh
|
||||
Version: 8.8p1
|
||||
@ -135,6 +135,7 @@ Patch105: backport-fix-CVE-2024-6387.patch
|
||||
Patch106: backport-fix-CVE-2024-6409.patch
|
||||
Patch107: backport-upstream-Set-OPENSSL_BIN-from-OpenSSL-directory.patch
|
||||
Patch108: backport-CVE-2025-26465-Don-t-reply-to-PING-in-preauth-phase-or-during-KEX.patch
|
||||
Patch109: backport-upstream_CVE-2025-32728.patch
|
||||
|
||||
Requires: /sbin/nologin
|
||||
Requires: libselinux >= 2.3-5 audit-libs >= 1.0.8
|
||||
@ -320,6 +321,7 @@ popd
|
||||
%patch106 -p1
|
||||
%patch107 -p1
|
||||
%patch108 -p1
|
||||
%patch109 -p1
|
||||
|
||||
autoreconf
|
||||
pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4
|
||||
@ -526,6 +528,12 @@ getent passwd sshd >/dev/null || \
|
||||
%attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
|
||||
|
||||
%changelog
|
||||
* Mon Apr 14 2025 hdliu<hdliu@linx-info.com> - 8.8p1-35
|
||||
- Type:CVE
|
||||
- CVE:CVE-2025-32728
|
||||
- SUG:NA
|
||||
- DESC:Fix CVE-2025-32728
|
||||
|
||||
* Tue Feb 18 2025 bitianyuan<bitianyuan@huawei.com> - 8.8p1-34
|
||||
- Type:CVE
|
||||
- CVE:CVE-2025-26465
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user