From patchwork Tue Dec 21 13:02:52 2021
X-Patchwork-Submitter: Ernst Sjöstrand
X-Patchwork-Id: 1770
From: Ernst Sjöstrand
To: openembedded-core@lists.openembedded.org, steve@sakoman.com
Subject: [dunfell][PATCH v2] dropbear: Fix CVE-2020-36254
Date: Tue, 21 Dec 2021 13:02:52 +0000
Message-ID: <0ab160933ee8b84b5d5b0e648a2a20f8ed3367d3.camel@lists.verisure.com>
References: <16C2B9B88AD918F7.22520@lists.openembedded.org>
In-Reply-To: <16C2B9B88AD918F7.22520@lists.openembedded.org>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/159916

Dropbear shares a lot of code with other SSH implementations, so this is a port of CVE-2018-20685 to dropbear.

Reference: https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff

Signed-off-by: Ernst Sjöstrand
---
Rename the patch file to make sure cve-check picks it up.

 meta/recipes-core/dropbear/dropbear.inc            |  4 +++-
 .../dropbear/dropbear/CVE-2020-36254.patch         | 23 +++++++++++++++++++
 2 files changed, 26 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch

-- 
2.34.0

diff --git a/meta/recipes-core/dropbear/dropbear.inc b/meta/recipes-core/dropbear/dropbear.inc
index d41e8b36dc..b949a9a337 100644
--- a/meta/recipes-core/dropbear/dropbear.inc
+++ b/meta/recipes-core/dropbear/dropbear.inc
@@ -22,7 +22,9 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \ file://dropbear.socket \ file://dropbear.default \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} " + ${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} \ + file://CVE-2020-36254.patch \ + " PAM_SRC_URI = "file://0005-dropbear-enable-pam.patch \ file://0006-dropbear-configuration-file.patch \ diff --git a/meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch b/meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch new file mode 100644 index 0000000000..72ac3e6630 --- /dev/null +++ b/meta/recipes-core/dropbear/dropbear/CVE-2020-36254.patch @@ -0,0 +1,23 @@ +From c96c48d62aefc372f2105293ddf8cff2d116dc3a Mon Sep 17 00:00:00 2001 +From: Haelwenn Monnier +Date: Mon, 25 May 2020 14:54:29 +0200 +Subject: [PATCH] scp.c: Port OpenSSH CVE-2018-20685 fix (#80) + +--- + scp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/scp.c b/scp.c +index 742ae00..7b8e7d2 100644 +--- a/scp.c ++++ b/scp.c +@@ -935,7 +935,8 @@ sink(int argc, char **argv) + size = size * 10 + (*cp++ - '0'); + if (*cp++ != ' ') + SCREWUP("size not delimited"); +- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) { ++ if (*cp == '\0' || strchr(cp, '/') != NULL || ++ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) { + run_err("error: unexpected filename: %s", cp); + exit(1); + }
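Review bot: nothing in the dropbear.inc hunk or in the commit message records which dropbear release first ships this fix, so a future version bump of a recipe that includes this shared .inc has no cue to drop `file://CVE-2020-36254.patch \` once upstream carries it; state the fixed release in the commit message or in a comment beside the SRC_URI entry. Adding the entry unconditionally after the PACKAGECONFIG-guarded disable-weak-ciphers line is otherwise fine, since the fix applies regardless of cipher configuration.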
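Review bot: the new CVE-2020-36254.patch has no `CVE:` and no `Upstream-Status:` tag in its header, so it depends solely on the file name for cve-check to associate it with the CVE and it does not follow the OE patch-tagging convention; insert after the Subject line
CVE: CVE-2020-36254
Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/8f8a3dff705fad774a10864a2e3dbcfa9779ceff]
The patch header identifies commit c96c48d62aefc372f2105293ddf8cff2d116dc3a while the commit message references 8f8a3dff705fad774a10864a2e3dbcfa9779ceff; the Upstream-Status line should say which of the two the backport was taken from, since a pull-request commit and the merged commit are not guaranteed to be identical. The scp.c change itself matches the OpenSSH fix for CVE-2018-20685: the old test only refused names containing '/' or equal to "..", so a server-supplied empty name or "." passed through; the new test refuses both as well.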
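To make the commit message's point concrete, here is an added example (not dropbear, OpenSSH or OE code) that puts the pre-fix filename check from sink() beside the post-fix one and runs both over constructed scp protocol records of the form "C<mode> <size> <name>", the records a malicious server sends to the client. The record parser and all inputs are assumptions written for this example; they loosely mirror how sink() walks its buffer with `cp` but are not the real parser.

```c
/* Added example: scp sink() filename check before and after the
 * CVE-2018-20685 / CVE-2020-36254 fix, exercised on constructed records.
 * Not code from dropbear, OpenSSH or openembedded-core. */
#include <stdio.h>
#include <string.h>

/* Pre-fix check as it stood in scp.c sink(): only '/' and ".." are refused. */
static int name_ok_before_fix(const char *cp)
{
    if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0))
        return 0;
    return 1;
}

/* Post-fix check: also refuse the empty name and ".". With the old check a
 * server could send "." or "" and have the client apply the record's mode
 * (chmod) to the destination directory itself instead of a file inside it,
 * which is the impact documented for CVE-2018-20685. */
static int name_ok_after_fix(const char *cp)
{
    if (*cp == '\0' || strchr(cp, '/') != NULL ||
        strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0)
        return 0;
    return 1;
}

/* Parse a "C<mode> <size> <name>" (or "D...") record. Returns a pointer to
 * the name inside 'rec' (which may legitimately be ""), or NULL when the
 * mode or size is not space-delimited, the cases sink() reports with
 * SCREWUP(). Constructed for this example; simplified relative to scp.c. */
static const char *scp_record_name(const char *rec, unsigned long *mode,
                                   long long *size)
{
    const char *cp = rec;
    if (*cp != 'C' && *cp != 'D')
        return NULL;
    cp++;
    *mode = 0;
    for (; *cp >= '0' && *cp <= '7'; cp++)
        *mode = (*mode << 3) | (unsigned long)(*cp - '0');
    if (*cp++ != ' ')
        return NULL;                    /* "mode not delimited" */
    *size = 0;
    for (; *cp >= '0' && *cp <= '9'; cp++)
        *size = *size * 10 + (*cp - '0');
    if (*cp++ != ' ')
        return NULL;                    /* "size not delimited" */
    return cp;
}

/* 1 if 'check' accepts the record's name, 0 if it refuses it, -1 if the
 * record is malformed and would never reach the name check. */
static int record_accepted(const char *rec, int (*check)(const char *))
{
    unsigned long mode;
    long long size;
    const char *name = scp_record_name(rec, &mode, &size);
    if (name == NULL)
        return -1;
    return check(name);
}

int main(void)
{
    /* Constructed records: a benign file, the two names the fix adds,
     * and the two the old check already refused. */
    const char *records[] = {
        "C0644 5 hello", "C0644 5 .", "C0644 5 ", "C0644 5 ..", "C0644 5 a/b",
    };
    size_t i;
    printf("%-16s %-10s %-10s\n", "record", "before", "after");
    for (i = 0; i < sizeof(records) / sizeof(records[0]); i++)
        printf("%-16s %-10d %-10d\n", records[i],
               record_accepted(records[i], name_ok_before_fix),
               record_accepted(records[i], name_ok_after_fix));
    return 0;
}
```

The two rows for "." and the empty name are the whole CVE: the old check returns 1 for both, the ported check returns 0, and every other row is unchanged.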