From: Bryan Drewery Date: Fri, 13 Jan 2017 23:39:48 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r431445 - in head/security/openssh-portable: . files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Jan 2017 23:39:49 -0000 Author: bdrewery Date: Fri Jan 13 23:39:48 2017 New Revision: 431445 URL: https://svnweb.freebsd.org/changeset/ports/431445 Log: Add forgotten patch in r431438 for CVE-2016-10009 and CVE-2016-10010. Security: 2c948527-d823-11e6-9171-14dae9d210b8 Submitted by: Tim Zingelman MFH: 2017Q1 Added: head/security/openssh-portable/files/patch-serverloop.c (contents, props changed) Modified: head/security/openssh-portable/Makefile Modified: head/security/openssh-portable/Makefile ============================================================================== --- head/security/openssh-portable/Makefile Fri Jan 13 23:38:46 2017 (r431444) +++ head/security/openssh-portable/Makefile Fri Jan 13 23:39:48 2017 (r431445) @@ -3,7 +3,7 @@ PORTNAME= openssh DISTVERSION= 7.3p1 -PORTREVISION= 3 +PORTREVISION= 4 PORTEPOCH= 1 CATEGORIES= security ipv6 MASTER_SITES= OPENBSD/OpenSSH/portable Added: head/security/openssh-portable/files/patch-serverloop.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/openssh-portable/files/patch-serverloop.c Fri Jan 13 23:39:48 2017 (r431445) 
@@ -0,0 +1,23 @@ +Fix CVE-2016-10010 + + +--- serverloop.c.orig 2016-07-27 17:54:27.000000000 -0500 ++++ serverloop.c 2017-01-11 18:44:42.881227000 -0600 +@@ -999,7 +999,7 @@ + + /* XXX fine grained permissions */ + if ((options.allow_streamlocal_forwarding & FORWARD_LOCAL) != 0 && +- !no_port_forwarding_flag) { ++ !no_port_forwarding_flag && use_privsep) { + c = channel_connect_to_path(target, + "direct-streamlocal@openssh.com", "direct-streamlocal"); + } else { +@@ -1280,7 +1280,7 @@ + + /* check permissions */ + if ((options.allow_streamlocal_forwarding & FORWARD_REMOTE) == 0 +- || no_port_forwarding_flag) { ++ || no_port_forwarding_flag || !use_privsep) { + success = 0; + packet_send_debug("Server has disabled port forwarding."); + } else {
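Review bot: In the serverloop.c hunk at line 999, the added `&& use_privsep` term has no comment saying why direct-streamlocal forwarding now depends on privilege separation; the only comment above the condition is still `/* XXX fine grained permissions */`. A one-line comment next to the condition would stop a later cleanup from dropping it. The patch file's header also says only "Fix CVE-2016-10010" while the commit log names CVE-2016-10009 and CVE-2016-10010, so it is worth stating in the header or the log which of the two this file covers.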
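Review bot: In the serverloop.c hunk at line 1280, a request refused only because of the new `|| !use_privsep` term still gets the debug text "Server has disabled port forwarding.", which points the user at the forwarding settings rather than at privilege separation. Consider a separate message for the `!use_privsep` case, or a server-side log line, so the actual reason for the refusal is visible when `allow_streamlocal_forwarding` permits FORWARD_REMOTE and `no_port_forwarding_flag` is unset.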