-rw-r--r--ChangeLog30
-rw-r--r--README2
-rw-r--r--contrib/redhat/openssh.spec2
-rw-r--r--contrib/suse/openssh.spec2
-rw-r--r--debian/.git-dpm14
-rw-r--r--debian/changelog9
-rw-r--r--debian/patches/auth-log-verbosity.patch2
-rw-r--r--debian/patches/authorized-keys-man-symlink.patch2
-rw-r--r--debian/patches/debian-banner.patch2
-rw-r--r--debian/patches/debian-config.patch2
-rw-r--r--debian/patches/dnssec-sshfp.patch2
-rw-r--r--debian/patches/doc-hash-tab-completion.patch2
-rw-r--r--debian/patches/doc-upstart.patch2
-rw-r--r--debian/patches/gnome-ssh-askpass2-icon.patch2
-rw-r--r--debian/patches/gssapi.patch2
-rw-r--r--debian/patches/helpful-wait-terminate.patch2
-rw-r--r--debian/patches/keepalive-extensions.patch2
-rw-r--r--debian/patches/mention-ssh-keygen-on-keychange.patch2
-rw-r--r--debian/patches/no-openssl-version-status.patch2
-rw-r--r--debian/patches/openbsd-docs.patch2
-rw-r--r--debian/patches/package-versioning.patch6
-rw-r--r--debian/patches/quieter-signals.patch2
-rw-r--r--debian/patches/restore-tcp-wrappers.patch2
-rw-r--r--debian/patches/scp-quoting.patch2
-rw-r--r--debian/patches/selinux-role.patch14
-rw-r--r--debian/patches/shell-path.patch2
-rw-r--r--debian/patches/sigstop.patch2
-rw-r--r--debian/patches/ssh-agent-setgid.patch2
-rw-r--r--debian/patches/ssh-argv0.patch2
-rw-r--r--debian/patches/ssh-vulnkey-compat.patch2
-rw-r--r--debian/patches/syslog-level-silent.patch2
-rw-r--r--debian/patches/systemd-readiness.patch2
-rw-r--r--debian/patches/user-group-modes.patch2
-rw-r--r--session.c32
-rw-r--r--version.h2
35 files changed, 99 insertions, 64 deletions
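diff --git a/ChangeLog b/ChangeLog
index b01bb5642..1e4346715 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,17 @@
+commit 5c35450a0c901d9375fb23343a8dc82397da5f75
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Mar 10 05:04:48 2016 +1100
+
+ update versions for release
+
+commit 9d47b8d3f50c3a6282896df8274147e3b9a38c56
+Author: Damien Miller <djm@mindrot.org>
+Date: Thu Mar 10 05:03:39 2016 +1100
+
+ sanitise characters destined for xauth(1)
+
+ reported by github.com/tintinweb
+
 commit 72b061d4ba0f909501c595d709ea76e06b01e5c9
 Author: Darren Tucker <dtucker@zip.com.au>
 Date: Fri Feb 26 14:40:04 2016 +1100
@@ -8889,19 +8903,3 @@ Author: Damien Miller <djm@mindrot.org>
 Date: Thu Mar 13 13:14:21 2014 +1100
 
  - (djm) Release OpenSSH 6.6
-
-commit 8569eba5d7f7348ce3955eeeb399f66f25c52ece
-Author: Damien Miller <djm@mindrot.org>
-Date: Tue Mar 4 09:35:17 2014 +1100
-
- - djm@cvs.openbsd.org 2014/03/03 22:22:30
- [session.c]
- ignore enviornment variables with embedded '=' or '\0' characters;
- spotted by Jann Horn; ok deraadt@
-
-commit 2476c31b96e89aec7d4e73cb6fbfb9a4290de3a7
-Author: Damien Miller <djm@mindrot.org>
-Date: Sun Mar 2 04:01:00 2014 +1100
-
- - (djm) [regress/Makefile] Disable dhgex regress test; it breaks when
- no moduli file exists at the expected location.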
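diff --git a/README b/README
index 0dd047af3..86c55a554 100644
--- a/README
+++ b/README
@@ -1,4 +1,4 @@
-See http://www.openssh.com/txt/release-7.2p1 for the release notes.
+See http://www.openssh.com/txt/release-7.2p2 for the release notes.
 
 Please read http://www.openssh.com/report.html for bug reporting
 instructions and note that we do not use Github for bug reporting or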
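diff --git a/contrib/redhat/openssh.spec b/contrib/redhat/openssh.spec
index 2a55f454e..eefe82df0 100644
--- a/contrib/redhat/openssh.spec
+++ b/contrib/redhat/openssh.spec
@@ -1,4 +1,4 @@
-%define ver 7.2p1
+%define ver 7.2p2
 %define rel 1
 
 # OpenSSH privilege separation requires a user & group ID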
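diff --git a/contrib/suse/openssh.spec b/contrib/suse/openssh.spec
index 53264c1fb..f20a78656 100644
--- a/contrib/suse/openssh.spec
+++ b/contrib/suse/openssh.spec
@@ -13,7 +13,7 @@
 
 Summary: OpenSSH, a free Secure Shell (SSH) protocol implementation
 Name: openssh
-Version: 7.2p1
+Version: 7.2p2
 URL: http://www.openssh.com/
 Release: 1
 Source0: openssh-%{version}.tar.gz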
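diff --git a/debian/.git-dpm b/debian/.git-dpm
index 65e3d5e54..a06ce86e7 100644
--- a/debian/.git-dpm
+++ b/debian/.git-dpm
@@ -1,8 +1,8 @@
 # see git-dpm(1) from git-dpm package
-85e40e87a75fb80a0bf893ac05a417d6c353537d
-85e40e87a75fb80a0bf893ac05a417d6c353537d
-c52a95cc4754e6630c96fe65ae0c65eb41d2c590
-c52a95cc4754e6630c96fe65ae0c65eb41d2c590
-openssh_7.2p1.orig.tar.gz
-d30a6fd472199ab5838a7668c0c5fd885fb8d371
-1499707
+27a3937bf51447024527168a510d7f9b21542b1c
+27a3937bf51447024527168a510d7f9b21542b1c
+f0329aac23c61e1a5197d6d57349a63f459bccb0
+f0329aac23c61e1a5197d6d57349a63f459bccb0
+openssh_7.2p2.orig.tar.gz
+70e35d7d6386fe08abbd823b3a12a3ca44ac6d38
+1499808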
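diff --git a/debian/changelog b/debian/changelog
index 20c8059f2..27b46428e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+openssh (1:7.2p2-1) UNRELEASED; urgency=high
+
+ * New upstream release (http://www.openssh.com/txt/release-7.2p2):
+ - SECURITY: sshd(8): Sanitise X11 authentication credentials to avoid
+ xauth command injection when X11Forwarding is enabled
+ (http://www.openssh.com/txt/x11fwd.adv).
+
+ -- Colin Watson <cjwatson@debian.org> Thu, 10 Mar 2016 13:01:22 +0000
+
 openssh (1:7.2p1-1) unstable; urgency=medium
 
  * New upstream release (http://www.openssh.com/txt/release-7.2):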
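diff --git a/debian/patches/auth-log-verbosity.patch b/debian/patches/auth-log-verbosity.patch
index 549570c5c..482ca97bd 100644
--- a/debian/patches/auth-log-verbosity.patch
+++ b/debian/patches/auth-log-verbosity.patch
@@ -1,4 +1,4 @@
-From d104554289d524d6f8c97cc93a8ff5aabbfcdd6c Mon Sep 17 00:00:00 2001
+From 33f7235ca187f62f44734c6caca95e54c3cf7232 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:02 +0000
 Subject: Quieten logs when multiple from= restrictions are used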
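diff --git a/debian/patches/authorized-keys-man-symlink.patch b/debian/patches/authorized-keys-man-symlink.patch
index 5a0dcd806..a6e5019e4 100644
--- a/debian/patches/authorized-keys-man-symlink.patch
+++ b/debian/patches/authorized-keys-man-symlink.patch
@@ -1,4 +1,4 @@
-From 88659ca2f10e2401f887b9dd58f6361d7bfa08e4 Mon Sep 17 00:00:00 2001
+From 4f28c3fcf778105bbbb3a2144d1d46bee93b48b7 Mon Sep 17 00:00:00 2001
 From: Tomas Pospisek <tpo_deb@sourcepole.ch>
 Date: Sun, 9 Feb 2014 16:10:07 +0000
 Subject: Install authorized_keys(5) as a symlink to sshd(8)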
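diff --git a/debian/patches/debian-banner.patch b/debian/patches/debian-banner.patch
index 7f8cdb172..64e7bcae9 100644
--- a/debian/patches/debian-banner.patch
+++ b/debian/patches/debian-banner.patch
@@ -1,4 +1,4 @@
-From 3c79e49a4fbd8e4c84f6af6f1173563bda8b273b Mon Sep 17 00:00:00 2001
+From ae6ba56387f97086bb50273e1c80ba5cbaba2adc Mon Sep 17 00:00:00 2001
 From: Kees Cook <kees@debian.org>
 Date: Sun, 9 Feb 2014 16:10:06 +0000
 Subject: Add DebianBanner server configuration option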
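diff --git a/debian/patches/debian-config.patch b/debian/patches/debian-config.patch
index 24f1a77ec..3bc6c1303 100644
--- a/debian/patches/debian-config.patch
+++ b/debian/patches/debian-config.patch
@@ -1,4 +1,4 @@
-From 85e40e87a75fb80a0bf893ac05a417d6c353537d Mon Sep 17 00:00:00 2001
+From 27a3937bf51447024527168a510d7f9b21542b1c Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:18 +0000
 Subject: Various Debian-specific configuration changes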
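diff --git a/debian/patches/dnssec-sshfp.patch b/debian/patches/dnssec-sshfp.patch
index 8b33364e4..a6d108d64 100644
--- a/debian/patches/dnssec-sshfp.patch
+++ b/debian/patches/dnssec-sshfp.patch
@@ -1,4 +1,4 @@
-From 094cc9bf1c7f873542a6c8dc25d0f8e61aa23318 Mon Sep 17 00:00:00 2001
+From 9c255ad5c677682eb99e1d45dbd5328cef732036 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:01 +0000
 Subject: Force use of DNSSEC even if "options edns0" isn't in resolv.conf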
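diff --git a/debian/patches/doc-hash-tab-completion.patch b/debian/patches/doc-hash-tab-completion.patch
index 2b203f5dc..20d25b04e 100644
--- a/debian/patches/doc-hash-tab-completion.patch
+++ b/debian/patches/doc-hash-tab-completion.patch
@@ -1,4 +1,4 @@
-From 3aede5a89ef203b53ef86435fe4af709a39379c2 Mon Sep 17 00:00:00 2001
+From e28df965f5f36a83bba58549a216fba78277585f Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:11 +0000
 Subject: Document that HashKnownHosts may break tab-completion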
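diff --git a/debian/patches/doc-upstart.patch b/debian/patches/doc-upstart.patch
index 3266c4707..698236ca7 100644
--- a/debian/patches/doc-upstart.patch
+++ b/debian/patches/doc-upstart.patch
@@ -1,4 +1,4 @@
-From 2c7520d8d6245868704cf01dd572cce744663173 Mon Sep 17 00:00:00 2001
+From d0f5716ccb267efa3178ee03c2fc5a45d024c465 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:12 +0000
 Subject: Refer to ssh's Upstart job as well as its init script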
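diff --git a/debian/patches/gnome-ssh-askpass2-icon.patch b/debian/patches/gnome-ssh-askpass2-icon.patch
index ba2c684fd..7d0c14d5b 100644
--- a/debian/patches/gnome-ssh-askpass2-icon.patch
+++ b/debian/patches/gnome-ssh-askpass2-icon.patch
@@ -1,4 +1,4 @@
-From 5e5d8faea814efa9368ccec343580b6dcd440d5e Mon Sep 17 00:00:00 2001
+From bd1efc3a46d0253b5d3c44e7d881d7ac0af87549 Mon Sep 17 00:00:00 2001
 From: Vincent Untz <vuntz@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:16 +0000
 Subject: Give the ssh-askpass-gnome window a default icon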
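diff --git a/debian/patches/gssapi.patch b/debian/patches/gssapi.patch
index aa9f25848..6ce8a62bf 100644
--- a/debian/patches/gssapi.patch
+++ b/debian/patches/gssapi.patch
@@ -1,4 +1,4 @@
-From 374db1757fc18bd6647539b80977e6907a2cecd4 Mon Sep 17 00:00:00 2001
+From 6dfd41bb6858c6446c1da47449e2108fbabf220e Mon Sep 17 00:00:00 2001
 From: Simon Wilkinson <simon@sxw.org.uk>
 Date: Sun, 9 Feb 2014 16:09:48 +0000
 Subject: GSSAPI key exchange support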
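diff --git a/debian/patches/helpful-wait-terminate.patch b/debian/patches/helpful-wait-terminate.patch
index 935235b27..d8a12a26f 100644
--- a/debian/patches/helpful-wait-terminate.patch
+++ b/debian/patches/helpful-wait-terminate.patch
@@ -1,4 +1,4 @@
-From 5c2c0e042d57cee75528686f47b4c47db434ad8b Mon Sep 17 00:00:00 2001
+From 6165757b14648f66150a0b5b45790b117f562790 Mon Sep 17 00:00:00 2001
 From: Matthew Vernon <matthew@debian.org>
 Date: Sun, 9 Feb 2014 16:09:56 +0000
 Subject: Mention ~& when waiting for forwarded connections to terminate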
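diff --git a/debian/patches/keepalive-extensions.patch b/debian/patches/keepalive-extensions.patch
index de0f73c59..f184bb41e 100644
--- a/debian/patches/keepalive-extensions.patch
+++ b/debian/patches/keepalive-extensions.patch
@@ -1,4 +1,4 @@
-From a9c7a3f8b035fe820fd32283460b1a28e696d2fe Mon Sep 17 00:00:00 2001
+From ce1a5718a57d2d1c0d9e59cfac81c2f6401780a0 Mon Sep 17 00:00:00 2001
 From: Richard Kettlewell <rjk@greenend.org.uk>
 Date: Sun, 9 Feb 2014 16:09:52 +0000
 Subject: Various keepalive extensions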
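diff --git a/debian/patches/mention-ssh-keygen-on-keychange.patch b/debian/patches/mention-ssh-keygen-on-keychange.patch
index 7e6ad3996..77fd9dd81 100644
--- a/debian/patches/mention-ssh-keygen-on-keychange.patch
+++ b/debian/patches/mention-ssh-keygen-on-keychange.patch
@@ -1,4 +1,4 @@
-From cbec84cf05e5dbd6d8a739a7d01e1d242a006d20 Mon Sep 17 00:00:00 2001
+From 86be635e17e81da5e0dc39498724a5c37a52753d Mon Sep 17 00:00:00 2001
 From: Scott Moser <smoser@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:10:03 +0000
 Subject: Mention ssh-keygen in ssh fingerprint changed warning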
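diff --git a/debian/patches/no-openssl-version-status.patch b/debian/patches/no-openssl-version-status.patch
index 42463eed7..58a39a95b 100644
--- a/debian/patches/no-openssl-version-status.patch
+++ b/debian/patches/no-openssl-version-status.patch
@@ -1,4 +1,4 @@
-From c2f77b15d182a5399d4548a57a471d6be7b25a87 Mon Sep 17 00:00:00 2001
+From 37fa6804403a83d98a796f417544104996f3c4a8 Mon Sep 17 00:00:00 2001
 From: Kurt Roeckx <kurt@roeckx.be>
 Date: Sun, 9 Feb 2014 16:10:14 +0000
 Subject: Don't check the status field of the OpenSSL version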
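diff --git a/debian/patches/openbsd-docs.patch b/debian/patches/openbsd-docs.patch
index abeaad7a5..72f946fec 100644
--- a/debian/patches/openbsd-docs.patch
+++ b/debian/patches/openbsd-docs.patch
@@ -1,4 +1,4 @@
-From 5a19d59c0b76162929545ad1bc92e7de69ce9a7b Mon Sep 17 00:00:00 2001
+From a94344bdb2f8499dd6370f53f41d46bd5a6fc045 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:09 +0000
 Subject: Adjust various OpenBSD-specific references in manual pages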
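diff --git a/debian/patches/package-versioning.patch b/debian/patches/package-versioning.patch
index b41c066e3..3fd57a043 100644
--- a/debian/patches/package-versioning.patch
+++ b/debian/patches/package-versioning.patch
@@ -1,4 +1,4 @@
-From f7587633dc374db82455fe7a3fa921de5c4a897b Mon Sep 17 00:00:00 2001
+From fa63bc351c67842b687d94a24afa1d7fd1d8c94f Mon Sep 17 00:00:00 2001
 From: Matthew Vernon <matthew@debian.org>
 Date: Sun, 9 Feb 2014 16:10:05 +0000
 Subject: Include the Debian version in our identification
@@ -49,13 +49,13 @@ index bb093cc..c762190 100644
  options.version_addendum, newline);
 
 diff --git a/version.h b/version.h
-index 4189982..236dd87 100644
+index eb4e948..0840a1a 100644
 --- a/version.h
 +++ b/version.h
 @@ -3,4 +3,9 @@
  #define SSH_VERSION "OpenSSH_7.2"
 
- #define SSH_PORTABLE "p1"
+ #define SSH_PORTABLE "p2"
 -#define SSH_RELEASE SSH_VERSION SSH_PORTABLE
 +#define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
 +#ifdef SSH_EXTRAVERSION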
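diff --git a/debian/patches/quieter-signals.patch b/debian/patches/quieter-signals.patch
index 51d5c09d0..5eaab4036 100644
--- a/debian/patches/quieter-signals.patch
+++ b/debian/patches/quieter-signals.patch
@@ -1,4 +1,4 @@
-From 754544297b321ab1ce1923e6aa9987bb82dd4fc5 Mon Sep 17 00:00:00 2001
+From 2ebca9787f92efa5d3fa1a1a47547f5ed1d31ca0 Mon Sep 17 00:00:00 2001
 From: Peter Samuelson <peter@p12n.org>
 Date: Sun, 9 Feb 2014 16:09:55 +0000
 Subject: Reduce severity of "Killed by signal %d"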
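diff --git a/debian/patches/restore-tcp-wrappers.patch b/debian/patches/restore-tcp-wrappers.patch
index 47ccdda3c..dbb66f10f 100644
--- a/debian/patches/restore-tcp-wrappers.patch
+++ b/debian/patches/restore-tcp-wrappers.patch
@@ -1,4 +1,4 @@
-From 9496f70a8203592158275489519996476b2356af Mon Sep 17 00:00:00 2001
+From 1b820bd5376b5b04403f0489b2e135566cedd4e6 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Tue, 7 Oct 2014 13:22:41 +0100
 Subject: Restore TCP wrappers support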
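diff --git a/debian/patches/scp-quoting.patch b/debian/patches/scp-quoting.patch
index cd2685e3a..fbaaa92ec 100644
--- a/debian/patches/scp-quoting.patch
+++ b/debian/patches/scp-quoting.patch
@@ -1,4 +1,4 @@
-From c2c79a52f66eee7b85b5241d08a70b2593a9bc9e Mon Sep 17 00:00:00 2001
+From 9788125fd5b4541ebeae6028b9e911c5aeb43d9f Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Nicolas=20Valc=C3=A1rcel?= <nvalcarcel@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:09:59 +0000
 Subject: Adjust scp quoting in verbose mode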
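diff --git a/debian/patches/selinux-role.patch b/debian/patches/selinux-role.patch
index c632f0349..de4384b03 100644
--- a/debian/patches/selinux-role.patch
+++ b/debian/patches/selinux-role.patch
@@ -1,4 +1,4 @@
-From a00cba810338ce920de432e7797a45794bf280ba Mon Sep 17 00:00:00 2001
+From 16caff9bcfbc638ed7d2e01a338db678f138faa5 Mon Sep 17 00:00:00 2001
 From: Manoj Srivastava <srivasta@debian.org>
 Date: Sun, 9 Feb 2014 16:09:49 +0000
 Subject: Handle SELinux authorisation roles
@@ -396,10 +396,10 @@ index e687c99..823901b 100644
  char *platform_krb5_get_principal_name(const char *);
  int platform_sys_dir_uid(uid_t);
 diff --git a/session.c b/session.c
-index 7a02500..99ec6f3 100644
+index 87fddfc..f246b8a 100644
 --- a/session.c
 +++ b/session.c
-@@ -1489,7 +1489,7 @@ safely_chroot(const char *path, uid_t uid)
+@@ -1511,7 +1511,7 @@ safely_chroot(const char *path, uid_t uid)
 
  /* Set login name, uid, gid, and groups. */
  void
@@ -408,7 +408,7 @@ index 7a02500..99ec6f3 100644
  {
  char *chroot_path, *tmp;
 
-@@ -1517,7 +1517,7 @@ do_setusercontext(struct passwd *pw)
+@@ -1539,7 +1539,7 @@ do_setusercontext(struct passwd *pw)
  endgrent();
  #endif
 
@@ -417,7 +417,7 @@ index 7a02500..99ec6f3 100644
 
  if (!in_chroot && options.chroot_directory != NULL &&
  strcasecmp(options.chroot_directory, "none") != 0) {
-@@ -1674,7 +1674,7 @@ do_child(Session *s, const char *command)
+@@ -1696,7 +1696,7 @@ do_child(Session *s, const char *command)
 
  /* Force a password change */
  if (s->authctxt->force_pwchange) {
@@ -426,7 +426,7 @@ index 7a02500..99ec6f3 100644
  child_close_fds();
  do_pwchange(s);
  exit(1);
-@@ -1701,7 +1701,7 @@ do_child(Session *s, const char *command)
+@@ -1723,7 +1723,7 @@ do_child(Session *s, const char *command)
  /* When PAM is enabled we rely on it to do the nologin check */
  if (!options.use_pam)
  do_nologin(pw);
@@ -435,7 +435,7 @@ index 7a02500..99ec6f3 100644
  /*
  * PAM session modules in do_setusercontext may have
  * generated messages, so if this in an interactive
-@@ -2112,7 +2112,7 @@ session_pty_req(Session *s)
+@@ -2134,7 +2134,7 @@ session_pty_req(Session *s)
  tty_parse_modes(s->ttyfd, &n_bytes);
 
  if (!use_privsep)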
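diff --git a/debian/patches/shell-path.patch b/debian/patches/shell-path.patch
index 953bae5d0..ea8f2d685 100644
--- a/debian/patches/shell-path.patch
+++ b/debian/patches/shell-path.patch
@@ -1,4 +1,4 @@
-From 434f7bc6f37b86a449d3d975fad53233f4c141f2 Mon Sep 17 00:00:00 2001
+From a8c208a1f6b234a3bf0206c7bce2aaa27b88b46a Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:00 +0000
 Subject: Look for $SHELL on the path for ProxyCommand/LocalCommand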
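diff --git a/debian/patches/sigstop.patch b/debian/patches/sigstop.patch
index e022fa53f..590f55539 100644
--- a/debian/patches/sigstop.patch
+++ b/debian/patches/sigstop.patch
@@ -1,4 +1,4 @@
-From e66add5020e18f6dd9b942b46e02d9b20e24edcc Mon Sep 17 00:00:00 2001
+From 2b25784cfb29177fe9e19546981ab698eb422b9f Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:17 +0000
 Subject: Support synchronisation with service supervisor using SIGSTOP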
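diff --git a/debian/patches/ssh-agent-setgid.patch b/debian/patches/ssh-agent-setgid.patch
index a2f23396e..5d64655e5 100644
--- a/debian/patches/ssh-agent-setgid.patch
+++ b/debian/patches/ssh-agent-setgid.patch
@@ -1,4 +1,4 @@
-From d7698edca3667ffacae051582028eb3971928edc Mon Sep 17 00:00:00 2001
+From 3e0e43c3840d4df2e44435a41981fd1eef5030b4 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:13 +0000
 Subject: Document consequences of ssh-agent being setgid in ssh-agent(1)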
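diff --git a/debian/patches/ssh-argv0.patch b/debian/patches/ssh-argv0.patch
index f830f2cf2..6cb4a8472 100644
--- a/debian/patches/ssh-argv0.patch
+++ b/debian/patches/ssh-argv0.patch
@@ -1,4 +1,4 @@
-From 30dfe2ed8df15c27b53c883c1b718b13416299d5 Mon Sep 17 00:00:00 2001
+From af8f74e50c8b6f49d85bd03c64e92260ae95ef59 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:10:10 +0000
 Subject: ssh(1): Refer to ssh-argv0(1)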
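diff --git a/debian/patches/ssh-vulnkey-compat.patch b/debian/patches/ssh-vulnkey-compat.patch
index f2bb35326..7ff30093a 100644
--- a/debian/patches/ssh-vulnkey-compat.patch
+++ b/debian/patches/ssh-vulnkey-compat.patch
@@ -1,4 +1,4 @@
-From 68e8163d9209f731c582fe5350002c51c9551983 Mon Sep 17 00:00:00 2001
+From 50201dd1c0a38e8a26d614b1679981610a8effc5 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@ubuntu.com>
 Date: Sun, 9 Feb 2014 16:09:50 +0000
 Subject: Accept obsolete ssh-vulnkey configuration options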
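diff --git a/debian/patches/syslog-level-silent.patch b/debian/patches/syslog-level-silent.patch
index 5ac2fc593..fe72ff7ba 100644
--- a/debian/patches/syslog-level-silent.patch
+++ b/debian/patches/syslog-level-silent.patch
@@ -1,4 +1,4 @@
-From c87856cd1b99bc4188b145b0689af5e1d1babe24 Mon Sep 17 00:00:00 2001
+From b8c3ad59100fedf8aaab9986b55c9307c599ec61 Mon Sep 17 00:00:00 2001
 From: Jonathan David Amery <jdamery@ysolde.ucam.org>
 Date: Sun, 9 Feb 2014 16:09:54 +0000
 Subject: "LogLevel SILENT" compatibility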
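diff --git a/debian/patches/systemd-readiness.patch b/debian/patches/systemd-readiness.patch
index 3c2c67cda..ae66bee27 100644
--- a/debian/patches/systemd-readiness.patch
+++ b/debian/patches/systemd-readiness.patch
@@ -1,4 +1,4 @@
-From a7c8a6babe3b4c47fd00bdbefc22fc10d97b9a26 Mon Sep 17 00:00:00 2001
+From 8eec1f49bed1e85e4534067c4290662b7bcc3f34 Mon Sep 17 00:00:00 2001
 From: Michael Biebl <biebl@debian.org>
 Date: Mon, 21 Dec 2015 16:08:47 +0000
 Subject: Add systemd readiness notification support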
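diff --git a/debian/patches/user-group-modes.patch b/debian/patches/user-group-modes.patch
index 456944f6b..79536fd47 100644
--- a/debian/patches/user-group-modes.patch
+++ b/debian/patches/user-group-modes.patch
@@ -1,4 +1,4 @@
-From 6f05f80017871238b4e50fc4e09d57d722416743 Mon Sep 17 00:00:00 2001
+From 4176718757a83a831028f468ff66cedd291c24b9 Mon Sep 17 00:00:00 2001
 From: Colin Watson <cjwatson@debian.org>
 Date: Sun, 9 Feb 2014 16:09:58 +0000
 Subject: Allow harmless group-writability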
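diff --git a/session.c b/session.c
index 99ec6f363..f246b8a62 100644
--- a/session.c
+++ b/session.c
@@ -46,6 +46,7 @@
 
 #include <arpa/inet.h>
 
+#include <ctype.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <grp.h>
@@ -274,6 +275,21 @@ do_authenticated(Authctxt *authctxt)
  do_cleanup(authctxt);
 }
 
+/* Check untrusted xauth strings for metacharacters */
+static int
+xauth_valid_string(const char *s)
+{
+ size_t i;
+
+ for (i = 0; s[i] != '\0'; i++) {
+ if (!isalnum((u_char)s[i]) &&
+ s[i] != '.' && s[i] != ':' && s[i] != '/' &&
+ s[i] != '-' && s[i] != '_')
+ return 0;
+ }
+ return 1;
+}
+
 /*
  * Prepares for an interactive session. This is called after the user has
  * been successfully authenticated. During this message exchange, pseudo
@@ -347,7 +363,13 @@ do_authenticated1(Authctxt *authctxt)
  s->screen = 0;
  }
  packet_check_eom();
- success = session_setup_x11fwd(s);
+ if (xauth_valid_string(s->auth_proto) &&
+ xauth_valid_string(s->auth_data))
+ success = session_setup_x11fwd(s);
+ else {
+ success = 0;
+ error("Invalid X11 forwarding data");
+ }
  if (!success) {
  free(s->auth_proto);
  free(s->auth_data);
@@ -2178,7 +2200,13 @@ session_x11_req(Session *s)
  s->screen = packet_get_int();
  packet_check_eom();
 
- success = session_setup_x11fwd(s);
+ if (xauth_valid_string(s->auth_proto) &&
+ xauth_valid_string(s->auth_data))
+ success = session_setup_x11fwd(s);
+ else {
+ success = 0;
+ error("Invalid X11 forwarding data");
+ }
  if (!success) {
  free(s->auth_proto);
  free(s->auth_data);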
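Review bot: The allowlist check is pasted identically at both X11 request sites (the do_authenticated1 and session_x11_req hunks) rather than enforced where the strings are consumed, so any other or future caller of session_setup_x11fwd() would reach xauth(1) without it. That function's body is outside this page, so treat this as something to confirm: putting `if (!xauth_valid_string(s->auth_proto) || !xauth_valid_string(s->auth_data)) { error("Invalid X11 forwarding data"); return 0; }` at its top would let both copies go. xauth_valid_string() also returns 1 for an empty string, and its one-line comment says "metacharacters" although the code is an allowlist; a comment such as `/* Allowlist for strings handed to xauth(1): alnum plus . : / - _ ; returns 1 if every byte is allowed (empty string included), 0 otherwise */` would state the contract. Both call-site hunks show only part of their enclosing functions.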
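diff --git a/version.h b/version.h
index 236dd8779..0840a1a66 100644
--- a/version.h
+++ b/version.h
@@ -2,7 +2,7 @@
 
 #define SSH_VERSION "OpenSSH_7.2"
 
-#define SSH_PORTABLE "p1"
+#define SSH_PORTABLE "p2"
 #define SSH_RELEASE_MINIMUM SSH_VERSION SSH_PORTABLE
 #ifdef SSH_EXTRAVERSION
 #define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION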
8#define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION 8#define SSH_RELEASE SSH_RELEASE_MINIMUM " " SSH_EXTRAVERSION