Date: Tue, 23 Nov 1999 14:34:14 +0900
From: issei@jp.FreeBSD.org
To: FreeBSD-gnats-submit@freebsd.org
Subject: ports/15059: Fix port : security/ssh2
Message-ID: <19991123143414I.issei@issei.org>
>Number: 15059
>Category: ports
>Synopsis: Fix fetching problem on security/ssh2 port
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Mon Nov 22 21:50:02 PST 1999
>Closed-Date:
>Last-Modified:
>Originator: Issei Suzuki
>Release: FreeBSD 3.3-RELEASE i386
>Organization: Individual
>Environment:
>Description:
The patch file patch-ssh-2.0.13-bsd.tty.chown has been deleted from PATCH_SITES, so the port is broken now.

The problem that patch-ssh-2.0.13-bsd.tty.chown fixes is:

1. A non-privileged user can set file flags (by chflags(2)) on the terminal device he or she uses, such as /dev/ttyp0.
2. If a file flag is set on the terminal device, chown(2) by the ssh daemon may fail. But the ssh daemon does not check the return value from chown.
3. So, a non-privileged user can snoop the data stream through the terminal device.

This problem is also pointed out in FreeBSD-SA-99:01 and is corrected after FreeBSD 3.3-RELEASE. So, we do not need to use patch-ssh-2.0.13-bsd.tty.chown anymore.
>How-To-Repeat:
>Fix:
diff -urN ssh2.old/Makefile ssh2/Makefile --- ssh2.old/Makefile Tue Nov 23 14:10:17 1999 +++ ssh2/Makefile Tue Nov 23 14:15:41 1999 @@ -14,10 +14,6 @@ ftp://sunsite.unc.edu/pub/packages/security/ssh/ \ ftp://ftp.kyoto.wide.ad.jp/pub/security/ssh/ -PATCH_SITES= http://www.ssh.fi/sshprotocols2/patches/ -PATCHFILES= patch-${DISTNAME}-bsd.tty.chown -PATCH_DIST_STRIP= -p1 - MAINTAINER= issei@jp.FreeBSD.org RESTRICTED= "Crypto; export-controlled"
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
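Review bot: removing `PATCHFILES= patch-${DISTNAME}-bsd.tty.chown` drops the unchecked-chown fix for every build, while the description says the base-system correction landed only after FreeBSD 3.3-RELEASE, so a build on 3.3-RELEASE or earlier gets an sshd that still ignores a failed chown(2) on the terminal device. Consider carrying the fix as a local patch in the port rather than fetching it from PATCH_SITES, or at least leave a Makefile comment citing FreeBSD-SA-99:01 and stating which release the port now relies on.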
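The unchecked chown(2) described in the report, shown with the check in place. This is an added C example, not part of the original message and not code from ssh2: `claim_tty()` is a hypothetical helper, and the 0620 mode and the temporary file standing in for a tty are assumptions.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * claim_tty() is a hypothetical helper, not code from ssh2.
 * It hands a terminal device to the session user and returns 0 only
 * when the hand-over verifiably succeeded; the caller must refuse to
 * start the session on -1. Mode 0620 is an assumed tty mode.
 */
int claim_tty(const char *tty, uid_t uid, gid_t gid)
{
    struct stat st;

    /* chown(2) can fail, e.g. when file flags are set on the device. */
    if (chown(tty, uid, gid) == -1) {
        fprintf(stderr, "chown(%s): %s\n", tty, strerror(errno));
        return -1;
    }
    if (chmod(tty, 0620) == -1) {
        fprintf(stderr, "chmod(%s): %s\n", tty, strerror(errno));
        return -1;
    }
    /* Confirm the result instead of trusting the calls above. */
    if (stat(tty, &st) == -1 || st.st_uid != uid ||
        (st.st_mode & 0777) != 0620) {
        fprintf(stderr, "%s: ownership or mode not as requested\n", tty);
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Constructed stand-in for a tty: a temporary regular file. */
    char path[] = "/tmp/claim_tty.XXXXXX";
    int fd = mkstemp(path);

    if (fd == -1)
        return 1;
    close(fd);
    printf("claim %s -> %d\n", path, claim_tty(path, geteuid(), getegid()));
    printf("claim missing -> %d\n",
           claim_tty("/nonexistent/ttyp0", geteuid(), getegid()));
    unlink(path);
    return 0;
}
```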