mirror of
https://git.yoctoproject.org/poky
synced 2026-07-15 15:37:03 +00:00
openssh: patch CVE-2026-35388
Backport patch from [1] matching CVE description in [2] and change described in release note [3]. [1] https://github.com/openssh/openssh-portable/commit/c805b97b67c774e0bf922ffb29dfbcda9d7b5add [2] https://security-tracker.debian.org/tracker/CVE-2026-35388 [3] https://www.openssh.org/releasenotes.html#10.3p1 (From OE-Core rev: f8786d027cdf04072fb5f716135127c334dbea6e) Signed-off-by: Theo Gaige (Schneider Electric) <tgaige.opensource@witekio.com> Reviewed-by: Bruno Vernay <bruno.vernay@se.com> Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Signed-off-by: Paul Barker <paul@pbarker.dev>
This commit is contained in:
committed by
Paul Barker
parent
473edc73e6
commit
0c7beb2bd7
@@ -0,0 +1,47 @@
|
||||
From be42fe5ce64f2798048161a891083ef12780ca2a Mon Sep 17 00:00:00 2001
|
||||
From: "djm@openbsd.org" <djm@openbsd.org>
|
||||
Date: Thu, 2 Apr 2026 07:39:57 +0000
|
||||
Subject: [PATCH] upstream: add missing askpass check when using
|
||||
|
||||
ControlMaster=ask/autoask and "ssh -O proxy ..."; reported by Michalis
|
||||
Vasileiadis
|
||||
|
||||
OpenBSD-Commit-ID: 8dd7b9b96534e9a8726916b96d36bed466d3836a
|
||||
|
||||
CVE: CVE-2026-35388
|
||||
Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/c805b97b67c774e0bf922ffb29dfbcda9d7b5add]
|
||||
Signed-off-by: Theo Gaige (Schneider Electric) <tgaige.opensource@witekio.com>
|
||||
---
|
||||
mux.c | 12 +++++++++++-
|
||||
1 file changed, 11 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/mux.c b/mux.c
|
||||
index d598a17e2..c841feb79 100644
|
||||
--- a/mux.c
|
||||
+++ b/mux.c
|
||||
@@ -1,4 +1,4 @@
|
||||
-/* $OpenBSD: mux.c,v 1.101 2023/11/23 03:37:05 dtucker Exp $ */
|
||||
+/* $OpenBSD: mux.c,v 1.113 2026/04/02 07:39:57 djm Exp $ */
|
||||
/*
|
||||
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
|
||||
*
|
||||
@@ -1137,6 +1137,16 @@ mux_master_process_proxy(struct ssh *ssh, u_int rid,
|
||||
|
||||
debug_f("channel %d: proxy request", c->self);
|
||||
|
||||
+ if (options.control_master == SSHCTL_MASTER_ASK ||
|
||||
+ options.control_master == SSHCTL_MASTER_AUTO_ASK) {
|
||||
+ if (!ask_permission("Allow multiplex proxy connection?")) {
|
||||
+ debug2_f("proxy refused by user");
|
||||
+ reply_error(reply, MUX_S_PERMISSION_DENIED, rid,
|
||||
+ "Permission denied");
|
||||
+ return 0;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
c->mux_rcb = channel_proxy_downstream;
|
||||
if ((r = sshbuf_put_u32(reply, MUX_S_PROXY)) != 0 ||
|
||||
(r = sshbuf_put_u32(reply, rid)) != 0)
|
||||
--
|
||||
2.43.0
|
||||
|
||||
@@ -36,6 +36,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
|
||||
file://CVE-2025-61984.patch \
|
||||
file://CVE-2026-35385.patch \
|
||||
file://CVE-2026-35387.patch \
|
||||
file://CVE-2026-35388.patch \
|
||||
"
|
||||
SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user