From patchwork Tue Dec 21 09:03:29 2021
X-Patchwork-Submitter: Ernst Sjöstrand
X-Patchwork-Id: 1765
From: Ernst Sjöstrand
To: "openembedded-core@lists.openembedded.org", "steve@sakoman.com"
Subject: [dunfell][PATCH] dropbear: Fix CVE-2020-36254
Date: Tue, 21 Dec 2021 09:03:29 +0000
Message-ID: <62703ef9115b2028f4e57328cd1abc02f2f784e3.camel@lists.verisure.com>
X-Groupsio-URL:
https://lists.openembedded.org/g/openembedded-core/message/159908 Dropbear shares a lot of code with other SSH implementations, so this is a port of CVE-2018-20685 to dropbear. Reference: https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff Signed-off-by: Ernst Sjöstrand --- meta/recipes-core/dropbear/dropbear.inc | 4 +++- ...c-Port-OpenSSH-CVE-2018-20685-fix-80.patch | 23 +++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-core/dropbear/dropbear/0001-scp.c-Port-OpenSSH-CVE-2018-20685-fix-80.patch -- 2.34.0 diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc index d41e8b36dc..83bcdbc0a1 100644 --- a/meta/recipes-core/dropbear/dropbear.inc +++ b/meta/recipes-core/dropbear/dropbear.inc @@ -22,7 +22,9 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://dropbear.socket \ file://dropbear.default \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} " + ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} \ + file://0001-scp.c-Port-OpenSSH-CVE-2018-20685-fix-80.patch \ + " PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \ file://0006-dropbear-configuration-file.patch \ diff --git a/meta/recipes-core/dropbear/dropbear/0001-scp.c-Port-OpenSSH-CVE-2018-20685-fix-80.patch b/meta/recipes-core/dropbear/dropbear/0001-scp.c-Port-OpenSSH-CVE-2018-20685-fix-80.patch new file mode 100644 index 0000000000..72ac3e6630 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/0001-scp.c-Port-OpenSSH-CVE-2018-20685-fix-80.patch 
@@ -0,0 +1,23 @@ +From c96c48d62aefc372f2105293ddf8cff2d116dc3a Mon Sep 17 00:00:00 2001 +From: Haelwenn Monnier +Date: Mon, 25 May 2020 14:54:29 +0200 +Subject: [PATCH] scp.c: Port OpenSSH CVE-2018-20685 fix (#80) + +--- + scp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/scp.c b/scp.c +index 742ae00..7b8e7d2 100644 +--- a/scp.c ++++ b/scp.c +@@ -935,7 +935,8 @@ sink(int argc, char **argv) + size = size * 10 + (*cp++ - '0'); + if (*cp++ != ' ') + SCREWUP("size not delimited"); +- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { ++ if (*cp == '\0' || strchr(cp, '/') != NULL || ++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { + run_err("error: unexpected filename: %s", cp); + exit(1); + }
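Review bot: in the dropbear.inc hunk, the SRC_URI entry added for the new patch carries CVE-2018-20685 in its file name, and that is the ID cve-check extracts from a patch file name, so the dunfell cve-check report will record CVE-2018-20685 rather than CVE-2020-36254 as fixed for dropbear. Keeping the file name is fine (it names the OpenSSH fix being ported), but the patch header needs an explicit `CVE: CVE-2020-36254` line so the intended entry is marked.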
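Review bot: the header of the new 0001-scp.c-Port-OpenSSH-CVE-2018-20685-fix-80.patch has no Upstream-Status line, which OE-core requires on every patch; the cover text references upstream commit 8f8a3dff705fad774a10864a2e3dbcfa9779ceff while the embedded header reads c96c48d62aefc372f2105293ddf8cff2d116dc3a, so state `Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff]` explicitly so it is clear which commit was backported. The scp.c change itself matches the OpenSSH fix: sink() now rejects an empty name, ".", ".." and any name containing "/" before the name is used.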