Hello community,
here is the log from the commit of package libssh.1120 for openSUSE:12.1:Update checked in at 2012-12-07 10:47:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update/libssh.1120 (Old)
and /work/SRC/openSUSE:12.1:Update/.libssh.1120.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libssh.1120", Maintainer is ""
Changes:
--------
New Changes file:
--- /dev/null 2012-11-30 12:21:47.308011256 +0100
+++ /work/SRC/openSUSE:12.1:Update/.libssh.1120.new/libssh.changes 2012-12-07 10:47:40.000000000 +0100
@@ -0,0 +1,323 @@
+-------------------------------------------------------------------
+Tue Nov 20 15:36:29 UTC 2012 - jmcdonough@suse.com
+
+- Fix multiple vulernabilities (bnc#789827):
+ * CVE-2012-4559 – Fix multiple double free() flaws
+ 0007-CVE-2012-4559-Ensure-we-don-t-free-blob-or-request-t.patch
+ 0008-CVE-2012-4559-Ensure-that-we-don-t-free-req-twice.patch
+ 0009-CVE-2012-4559-Make-sure-we-don-t-free-name-and-longn.patch
+ * CVE-2012-4560 – Fix multiple buffer overflow flaws
+ 0005-CVE-2012-4560-Fix-a-write-one-past-the-end-of-the-u-.patch
+ 0006-CVE-2012-4560-Fix-a-write-one-past-the-end-of-buf.patch
+ * CVE-2012-4561 – Fix multiple invalid free() flaws
+ 0010-CVE-2012-4561-Fix-error-handling-of-try_publickey_fr.patch
+ 0011-CVE-2012-4561-Fix-possible-free-s-on-invalid-pointer.patch
+ * CVE-2012-4562 – Fix multiple improper overflow checks
+ 0001-CVE-2012-4562-Fix-possible-integer-overflow-in-ssh_g.patch
+ 0002-CVE-2012-4562-Fix-multiple-integer-overflows-in-buff.patch
+ 0003-CVE-2012-4562-Fix-a-possible-infinite-loop-in-buffer.patch
+ 0004-CVE-2012-4562-Fix-possible-string-related-integer-ov.patch
+
+-------------------------------------------------------------------
+Tue Sep 6 03:36:48 UTC 2011 - crrodriguez@opensuse.org
+
+- Build with OPENSSL_LOAD_CONF so we respect user's choice
+ of which "openssl engine" to use for crypto (aes-ni,intel-accel)
+
+-------------------------------------------------------------------
+Tue Aug 9 15:12:39 UTC 2011 - asn@cryptomilk.org
+
+- Update to version 0.5.1
+ * Added checks for NULL pointers in string.c.
+ * Set the channel max packet size to 32768.
+ * Don't (de)compress empty buffers.
+ * Fixed ssh_scp_write so it works when doing recursive copy.
+ * Fixed another source of endless wait.
+ * Fixed an endless loop in case of a channel_open error.
+ * Fixed session timeout handling.
+ * Fixed ssh_channel_from_local() loop.
+ * Fixed permissions of scp example when we copy a file.
+ * Workaround ssh_get_user_home_dir on LDAP users.
+ * Added pkg-config support for libssh_threads.
+ * Fixed compilation without server and sftp modes.
+ * Fix static .lib overwriting on Windows.
+
+-------------------------------------------------------------------
+Tue May 31 14:32:09 UTC 2011 - asn@cryptomilk.org
+
+- Update to version 0.5.0
+ * Added ssh_ prefix to all functions.
+ * Added complete Windows support.
+ * Added improved server support.
+ * Added unit tests for a lot of functions.
+ * Added asynchronous service request.
+ * Added a multiplatform ssh_getpass() function.
+ * Added a tutorial.
+ * Added a lot of documentation.
+ * Fixed a lot of bugs.
+ * Fixed several memory leaks.
+
+-------------------------------------------------------------------
+Sat Jan 15 08:58:45 UTC 2011 - asn@cryptomilk.org
+
+- Update to version 0.4.8
+ * Fixed memory leaks in session signing.
+ * Fixed memory leak in ssh_print_hexa.
+ * Fixed problem with ssh_connect w/ timeout and fd > 1024.
+ * Fixed some warnings on OS/2.
+ * Fixed installation path for OS/2.
+
+-------------------------------------------------------------------
+Mon Dec 27 20:12:23 CET 2010 - asn@cynapses.org
+
+- Update to version 0.4.7
+ * Fixed a possible memory leak in ssh_get_user_home().
+ * Fixed a memory leak in sftp_xstat.
+ * Fixed uninitialized fd->revents member.
+ * Fixed timout value in ssh_channel_accept().
+ * Fixed length checks in ssh_analyze_banner().
+ * Fixed a possible data overread and crash bug.
+ * Fixed setting max_fd which breaks ssh_select().
+ * Fixed some pedantic build warnings.
+ * Fixed a memory leak with session->bindaddr.
+
+-------------------------------------------------------------------
+Sun Sep 5 19:30:28 CEST 2010 - asn@cynapses.org
+
+- Update to version 0.4.6
+ * Added a cleanup function to free the ws2_32 library.
+ * Fixed build with gcc 3.4.
+ * Fixed the Windows build on Vista and newer.
+ * Fixed the usage of WSAPoll() on Windows.
+ * Fixed "@deprecated" in doxygen
+ * Fixed some mingw warnings.
+ * Fixed handling of opened channels.
+ * Fixed keepalive problem on older openssh servers.
+ * Fixed testing for big endian on Windows.
+ * Fixed the Windows preprocessor macros and defines.
+
+-------------------------------------------------------------------
+Tue Jul 13 10:27:13 CEST 2010 - anschneider@exsuse.de
+
+- Update to version 0.4.5
+ * Added option to bind a client to an ip address.
+ * Fixed the ssh socket polling function.
+ * Fixed Windows related bugs in bsd_poll().
+ * Fixed serveral build warnings.
+
+-------------------------------------------------------------------
+Mon May 31 14:13:55 CEST 2010 - anschneider@exsuse.de
+
+- Update to version 0.4.4
+ * Fixed some bugs ein path expand functions.
+
+-------------------------------------------------------------------
+Mon May 17 23:50:11 CEST 2010 - anschneider@exsuse.de
+
+- Update to version 0.4.3
+ * Added global/keepalive responses.
+ * Added runtime detection of WSAPoll().
+ * Added a select(2) based poll-emulation if poll(2) is not available.
+ * Added a function to expand an escaped string.
+ * Added a function to expand the tilde from a path.
+ * Added a proxycommand support.
+ * Added ssh_privatekey_type public function
+ * Added the possibility to define _OPENSSL_DIR and _ZLIB_DIR.
+ * Fixed sftp_chown.
+ * Fixed sftp_rename on protocol version 3.
+ * Fixed a blocking bug in channel_poll.
+ * Fixed config parsing wich has overwritten user specified values.
+ * Fixed hashed [host]:port format in knownhosts
+ * Fixed Windows build.
+ * Fixed doublefree happening after a negociation error.
+ * Fixed aes*-ctr with <= OpenSSL 0.9.7b.
+ * Fixed some documentation.
+ * Fixed exec example which has broken read usage.
+ * Fixed broken algorithm choice for server.
+ * Fixed a typo that we don't export all symbols.
+ * Removed the unneeded dependency to doxygen.
+ * Build examples only on the Linux plattform.
+
+-------------------------------------------------------------------
+Mon Mar 15 19:40:44 CET 2010 - anschneider@exsuse.de
+
+- Update to version 0.4.2
+ * Added owner and group information in sftp attributes.
+ * Added missing SSH_OPTIONS_FD option.
+ * Added printout of owner and group in the sftp example.
+ * Added a prepend function for ssh_list.
+ * Added send back replies to openssh's keepalives.
+ * Fixed documentation in scp code
+ * Fixed longname parsing, this only workings with readdir.
+ * Fixed and added support for several identity files.
+ * Fixed sftp_parse_longname() on Windows.
+ * Fixed a race condition bug in ssh_scp_close()
+ * Remove config support for SSHv1 Cipher variable.
+ * Rename ssh_list_add to ssh_list_append.
+ * Rename ssh_list_get_head to ssh_list_pop_head
+
+-------------------------------------------------------------------
+Mon Feb 15 12:41:47 CET 2010 - anschneider@exsuse.de
+
+- Fixed Requires.
+
+-------------------------------------------------------------------
+Sat Feb 13 15:29:14 CET 2010 - anschneider@exsuse.de
+
+- Update to version 0.4.1
+ * Added support for aes128-ctr, aes192-ctr and aes256-ctr encryption.
+ * Added an example for exec.
+ * Added private key type detection feature in privatekey_from_file().
+ * Fixed zlib compression fallback.
+ * Fixed kex bug that client preference should be prioritary
+ * Fixed known_hosts file set by the user.
+ * Fixed a memleak in channel_accept().
+ * Fixed underflow when leave_function() are unbalanced
+ * Fixed memory corruption in handle_channel_request_open().
+ * Fixed closing of a file handle case of errors in privatekey_from_file().
+ * Fixed ssh_get_user_home_dir() to be thread safe.
+ * Fixed the doxygen documentation.
+
+-------------------------------------------------------------------
+Thu Dec 10 23:43:19 CET 2009 - anschneider@exsuse.de
+
+- Update to version 0.4.0
+ * Added scp support.
+ * Added support for sending signals (RFC 4254, section 6.9).
+ * Added MSVC support.
+ * Added support for ~/.ssh/config.
+ * Added sftp extension support.
+ * Added X11 forwarding support for client.
+ * Added forward listening.
+ * Added support for openssh extensions (statvfs, fstatvfs).
+ * Added a cleaned up interface for setting options.
+ * Added a generic way to handle sockets asynchronously.
+ * Added logging of the sftp flags used to open a file.
+ * Added full poll() support and poll-emulation for win32.
+ * Added missing 64bit functions in sftp.
++++ 126 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.1:Update/.libssh.1120.new/libssh.changes
New:
----
0001-CVE-2012-4562-Fix-possible-integer-overflow-in-ssh_g.patch
0002-CVE-2012-4562-Fix-multiple-integer-overflows-in-buff.patch
0003-CVE-2012-4562-Fix-a-possible-infinite-loop-in-buffer.patch
0004-CVE-2012-4562-Fix-possible-string-related-integer-ov.patch
0005-CVE-2012-4560-Fix-a-write-one-past-the-end-of-the-u-.patch
0006-CVE-2012-4560-Fix-a-write-one-past-the-end-of-buf.patch
0007-CVE-2012-4559-Ensure-we-don-t-free-blob-or-request-t.patch
0008-CVE-2012-4559-Ensure-that-we-don-t-free-req-twice.patch
0009-CVE-2012-4559-Make-sure-we-don-t-free-name-and-longn.patch
0010-CVE-2012-4561-Fix-error-handling-of-try_publickey_fr.patch
0011-CVE-2012-4561-Fix-possible-free-s-on-invalid-pointer.patch
libssh-0.5.1.tar.bz2
libssh.changes
libssh.spec
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libssh.spec ++++++
#
# spec file for package libssh
#
# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Url: http://www.libssh.org
Name: libssh
BuildRequires: cmake
BuildRequires: doxygen
BuildRequires: gcc-c++
BuildRequires: openssl-devel
Version: 0.5.1
Release: 0
Summary: SSH library
License: LGPL-2.1+
Group: System/Libraries
Source0: %{name}-%{version}.tar.bz2
Patch1: 0001-CVE-2012-4562-Fix-possible-integer-overflow-in-ssh_g.patch
Patch2: 0002-CVE-2012-4562-Fix-multiple-integer-overflows-in-buff.patch
Patch3: 0003-CVE-2012-4562-Fix-a-possible-infinite-loop-in-buffer.patch
Patch4: 0004-CVE-2012-4562-Fix-possible-string-related-integer-ov.patch
Patch5: 0005-CVE-2012-4560-Fix-a-write-one-past-the-end-of-the-u-.patch
Patch6: 0006-CVE-2012-4560-Fix-a-write-one-past-the-end-of-buf.patch
Patch7: 0007-CVE-2012-4559-Ensure-we-don-t-free-blob-or-request-t.patch
Patch8: 0008-CVE-2012-4559-Ensure-that-we-don-t-free-req-twice.patch
Patch9: 0009-CVE-2012-4559-Make-sure-we-don-t-free-name-and-longn.patch
Patch10: 0010-CVE-2012-4561-Fix-error-handling-of-try_publickey_fr.patch
Patch11: 0011-CVE-2012-4561-Fix-possible-free-s-on-invalid-pointer.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%define debug_package_requires libssh4 = %{version}-%{release}
%description
The ssh library was designed to be used by programmers needing a
working SSH implementation by the mean of a library. The complete
control of the client is made by the programmer. With libssh, you can
remotely execute programs, transfer files, use a secure and transparent
tunnel for your remote programs. With its Secure FTP implementation,
you can play with remote files easily, without third-party programs
others than libcrypto (from openssl).
This package provides libssh from http://www.libssh.org that should not
be confused with libssh2 available from http://www.libssh2.org (libssh2
package)
Authors:
--------
Aris Adamantiadis
From 0b6d7c05c872e5d8e348e9fe2d9fb0340446fbeb Mon Sep 17 00:00:00 2001 From: Xi Wang
Date: Fri, 25 Nov 2011 23:02:06 -0500 Subject: [PATCH 01/11] CVE-2012-4562: Fix possible integer overflow in ssh_get_hexa().
No exploit known, but it is better to check the string length.
Signed-off-by: Andreas Schneider
From 59a6f5f7338f26efff6c57dc6853c830218664e7 Mon Sep 17 00:00:00 2001 From: Xi Wang
Date: Mon, 28 Nov 2011 04:42:54 -0500 Subject: [PATCH 02/11] CVE-2012-4562: Fix multiple integer overflows in buffer-related functions.
Signed-off-by: Andreas Schneider
From 66c524db6fd3063e806d14239a98048a4c63337a Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 12 Oct 2012 11:35:20 +0200 Subject: [PATCH 03/11] CVE-2012-4562: Fix a possible infinite loop in buffer_reinit().
If needed is bigger than the highest power of two or a which fits in an
integer we will loop forever.
Signed-off-by: Andreas Schneider
From ba42ece534e50bb35b25a0d7bf4341500e728ba8 Mon Sep 17 00:00:00 2001 From: Xi Wang
Date: Fri, 25 Nov 2011 23:02:57 -0500 Subject: [PATCH 04/11] CVE-2012-4562: Fix possible string related integer overflows.
Signed-off-by: Andreas Schneider
From 5d15e5a268f74f661168c4ff4afe213327d6105e Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 5 Oct 2012 11:37:09 +0200 Subject: [PATCH 05/11] CVE-2012-4560: Fix a write one past the end of the 'u' buffer.
Signed-off-by: Andreas Schneider
From 1caf97b289727ca5af00a4f8acc07d084889080f Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 5 Oct 2012 11:39:47 +0200 Subject: [PATCH 06/11] CVE-2012-4560: Fix a write one past the end of 'buf'.
Signed-off-by: Andreas Schneider
From cdddfd1947f9bccd8a1e2a1c13e135a42dfcfe3a Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 5 Oct 2012 14:33:29 +0200 Subject: [PATCH 07/11] CVE-2012-4559: Ensure we don't free blob or request twice.
Signed-off-by: Andreas Schneider
From d8b03cfe3869a57e4a6367b4a03681715d38102e Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 5 Oct 2012 14:39:51 +0200 Subject: [PATCH 08/11] CVE-2012-4559: Ensure that we don't free req twice.
Signed-off-by: Andreas Schneider
From f12bf9ee2f05af398d341c6836f157cc6598f564 Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 5 Oct 2012 14:46:36 +0200 Subject: [PATCH 09/11] CVE-2012-4559: Make sure we don't free name and longname twice on error.
From 1164c4ade5d39213a90e329042ae76d9a7f98f74 Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 5 Oct 2012 14:56:56 +0200 Subject: [PATCH 10/11] CVE-2012-4561: Fix error handling of
From 8f2305c18c27ea8e2309bb897eef64e0351b170a Mon Sep 17 00:00:00 2001 From: Andreas Schneider
Date: Fri, 5 Oct 2012 15:07:17 +0200 Subject: [PATCH 11/11] CVE-2012-4561: Fix possible free's on invalid
Signed-off-by: Andreas Schneider