Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package sshguard for openSUSE:Factory checked in at 2022-08-31 18:08:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/sshguard (Old)
and /work/SRC/openSUSE:Factory/.sshguard.new.2083 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sshguard"
Wed Aug 31 18:08:58 2022 rev:17 rq:1000390 version:2.4.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/sshguard/sshguard.changes 2022-01-24 23:11:13.438253584 +0100
+++ /work/SRC/openSUSE:Factory/.sshguard.new.2083/sshguard.changes 2022-08-31 18:09:03.815387453 +0200
@@ -1,0 +2,6 @@
+Tue Aug 30 15:19:17 UTC 2022 - Marcus Meissner
+
+- sshguard-overflow.patch: fixed 1 byte 0x00 overwrite in a memset
+ (bsc#1202944)
+
+-------------------------------------------------------------------
New:
----
sshguard-overflow.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ sshguard.spec ++++++
--- /var/tmp/diff_new_pack.1vrhhT/_old 2022-08-31 18:09:04.351388871 +0200
+++ /var/tmp/diff_new_pack.1vrhhT/_new 2022-08-31 18:09:04.355388882 +0200
@@ -42,6 +42,7 @@
# PATCH-FIX-UPSTREAM sshguard-gcc5.patch
Patch0: sshguard-gcc5.patch
Patch1: harden_sshguard.service.patch
+Patch2: sshguard-overflow.patch
Requires: openssh
Requires(pre): %fillup_prereq
@@ -55,6 +56,7 @@
%patch0 -p1
find . -type f -iname "*.swp" -print -exec rm {} \;
%patch1 -p1
+%patch2 -p1
%build
%configure \
++++++ sshguard-overflow.patch ++++++
Index: sshguard-2.4.2/src/blocker/sshguard_whitelist.c
===================================================================
--- sshguard-2.4.2.orig/src/blocker/sshguard_whitelist.c
+++ sshguard-2.4.2/src/blocker/sshguard_whitelist.c
@@ -276,7 +276,7 @@ int whitelist_add_block6(const char *res
bitlen = masklen % 8;
bitmask = 0xFF << (8 - bitlen);
ab.address.ip6.mask.s6_addr[bytelen] = bitmask;
- memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen);
+ memset(& ab.address.ip6.mask.s6_addr[bytelen+1], 0x00, sizeof(ab.address.ip6.mask.s6_addr) - bytelen - 1);
if (! list_contains(& whitelist, &ab)) {
list_append(& whitelist, &ab);