Last active
January 22, 2024 11:16
-
-
Save mherkazandjian/00b0fccf49b672b0a623b99fd5381db8 to your computer and use it in GitHub Desktop.
patched rpms for centos 7 for openssh CVE-2023-51385
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # patched rpms for CVE-2023-51385 ( https://access.redhat.com/security/cve/cve-2023-51385 ) | |
| # | |
| mkdir workdir | |
| docker run -it --rm -v $PWD/workdir:/root centos:7 | |
| yum install -y \ | |
| pam-devel \ | |
| rpm-build \ | |
| zlib-devel \ | |
| wget \ | |
| rpm-build gcc make wget openssl-devel pam-devel zlib-devel \ | |
| openssl-devel | |
| mkdir -p ~/rpmbuild/{SOURCES,SPECS,BUILD,RPMS,SRPMS} | |
| cd ~/rpmbuild/SOURCES | |
| wget http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-7.4p1.tar.gz | |
| tar -xvf openssh-7.4p1.tar.gz | |
| cp openssh-7.4p1/contrib/redhat/openssh.spec ~/rpmbuild/SPECS/ | |
| sed -i 's/%define no_x11_askpass 0/%define no_x11_askpass 1/g' ~/rpmbuild/SPECS/openssh.spec | |
| sed -i 's/%define no_gnome_askpass 0/%define no_gnome_askpass 1/g' ~/rpmbuild/SPECS/openssh.spec | |
| cd ~/rpmbuild/SOURCES/openssh-7.4p1 | |
| curl -sL https://gist.githubusercontent.com/mherkazandjian/00b0fccf49b672b0a623b99fd5381db8/raw/004f389fd2c8c95c7ddcd3f8a35f2e131bf1b98b/ssh.c.patch > ssh.c.patch | |
| patch ssh.c ssh.c.patch | |
| rpmbuild -bb ~/rpmbuild/SPECS/openssh.spec |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 506a507,541 | |
| > static int | |
| > valid_hostname(const char *s) | |
| > { | |
| > size_t i; | |
| > | |
| > if (*s == '-') | |
| > return 0; | |
| > for (i = 0; s[i] != 0; i++) { | |
| > if (strchr("'`\"$\\;&<>|(){}", s[i]) != NULL || | |
| > isspace((u_char)s[i]) || iscntrl((u_char)s[i])) | |
| > return 0; | |
| > } | |
| > return 1; | |
| > } | |
| > | |
| > static int | |
| > valid_ruser(const char *s) | |
| > { | |
| > size_t i; | |
| > | |
| > if (*s == '-') | |
| > return 0; | |
| > for (i = 0; s[i] != 0; i++) { | |
| > if (strchr("'`\";&<>|(){}", s[i]) != NULL) | |
| > return 0; | |
| > /* Disallow '-' after whitespace */ | |
| > if (isspace((u_char)s[i]) && s[i + 1] == '-') | |
| > return 0; | |
| > /* Disallow \ in last position */ | |
| > if (s[i] == '\\' && s[i + 1] == '\0') | |
| > return 0; | |
| > } | |
| > return 1; | |
| > } | |
| > | |
| 963a999,1003 | |
| > if (!valid_hostname(host)) | |
| > fatal("hostname contains invalid characters"); | |
| > if (options.user != NULL && !valid_ruser(options.user)) | |
| > fatal("remote username contains invalid characters"); | |
| > | |
| 1465a1506,1507 | |
| > | |
| > |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment