Source-Changes-HG archive
[src/netbsd-7-0]: src/crypto/external/bsd/openssh/dist Pull up following revi...
details: https://anonhg.NetBSD.org/src/rev/cf4c424acd16
branches: netbsd-7-0
changeset: 801183:cf4c424acd16
user: snj <snj%NetBSD.org@localhost>
date: Tue May 17 18:48:29 2016 +0000
description:
Pull up following revision(s) (requested by christos in ticket #1168):
crypto/external/bsd/openssh/dist/session.c: revision 1.19
If PAM is configured to read user-specified environment variables
and UseLogin=yes in sshd_config, then a hostile local user may
attack /bin/login via LD_PRELOAD or similar environment variables
set via PAM.
CVE-2015-8325, found by Shayan Sadigh, via Colin Watson
https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755
XXX: pullup-7
diffstat:
crypto/external/bsd/openssh/dist/session.c | 6 +++---
1 files changed, 3 insertions(+), 3 deletions(-)
diffs (27 lines):
diff -r 31717e5f8604 -r cf4c424acd16 crypto/external/bsd/openssh/dist/session.c
--- a/crypto/external/bsd/openssh/dist/session.c Wed May 11 10:10:09 2016 +0000
+++ b/crypto/external/bsd/openssh/dist/session.c Tue May 17 18:48:29 2016 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: session.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $ */
+/* $NetBSD: session.c,v 1.12.4.1.2.1 2016/05/17 18:48:29 snj Exp $ */
/* $OpenBSD: session.c,v 1.277 2015/01/16 06:40:12 deraadt Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -35,7 +35,7 @@
*/
#include "includes.h"
-__RCSID("$NetBSD: session.c,v 1.12.4.1 2015/04/30 06:07:30 riz Exp $");
+__RCSID("$NetBSD: session.c,v 1.12.4.1.2.1 2016/05/17 18:48:29 snj Exp $");
#include <sys/types.h>
#include <sys/wait.h>
#include <sys/un.h>
@@ -1223,7 +1223,7 @@
* Pull in any environment variables that may have
* been set by PAM.
*/
- if (options.use_pam) {
+ if (options.use_pam && !options.use_login) {
char **p;
p = fetch_pam_child_environment();
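Review bot: The comment above `if (options.use_pam && !options.use_login)` still reads as if PAM variables are always imported. Extend it to say why the UseLogin case is skipped (the environment is handed to /bin/login, so user-influenced PAM variables such as LD_PRELOAD must not reach it), so the guard is not dropped in a later merge. The visible context ends at `p = fetch_pam_child_environment();`, so also confirm in the full file that every PAM environment copy in this block sits under the new condition.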
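For hosts that have not yet received this pull-up, the sshd_config half of the precondition in the commit message (UseLogin=yes together with PAM) can be checked with a small script. This is an added example, not OpenSSH or NetBSD code; the function names, the assumed "no" defaults and the sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example (not OpenSSH or NetBSD code). Function names are hypothetical.

# Print the effective global value of one sshd_config keyword read from stdin.
# Parsing assumptions: keywords are case-insensitive, the first occurrence
# wins, lines starting with '#' are comments, one '=' may separate keyword and
# value, and the global section ends at the first Match line.
# $1 = keyword, $2 = value to assume when the keyword is absent.
sshd_effective() {
    awk -v want="$1" -v val="$2" '
        BEGIN { want = tolower(want) }
        { sub(/^[ \t]+/, "") }
        /^#/ || $0 == "" { next }
        {
            sub(/[ \t]*=[ \t]*/, " ")
            key = tolower($1); arg = tolower($2); gsub(/"/, "", arg)
            if (key == "match") exit
            if (key == want && arg != "") { val = arg; exit }
        }
        END { print val }
    '
}

# Read an sshd_config from stdin; return 0 when UseLogin and UsePAM are both
# "yes". The "no" defaults are an assumption; pass what your build uses.
uselogin_pam_exposed() {
    cfg=$(cat)
    [ "$(printf '%s\n' "$cfg" | sshd_effective UseLogin no)" = "yes" ] &&
    [ "$(printf '%s\n' "$cfg" | sshd_effective UsePAM no)" = "yes" ]
}

# Constructed sample configurations, not taken from any real host.
SAMPLE_EXPOSED='# constructed sample
Port 22
usepam yes
UseLogin=yes
UseLogin no'
SAMPLE_SAFE='UsePAM yes
#UseLogin yes
Match User admin
    X11Forwarding no'

for sample in "$SAMPLE_EXPOSED" "$SAMPLE_SAFE"; do
    if printf '%s\n' "$sample" | uselogin_pam_exposed; then
        echo "UseLogin+PAM enabled: apply the fix or set UseLogin no"
    else
        echo "precondition not met"
    fi
done
```

On a real host the check is `uselogin_pam_exposed < /etc/ssh/sshd_config`. It does not inspect the PAM stack, so whether PAM reads user-specified environment variables still has to be reviewed separately.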