From 5a2b79ba44ed4a37fe76ed14f82329b34036732d Mon Sep 17 00:00:00 2001 From: Tianyu Chen Date: Mon, 1 Jul 2024 17:14:36 +0800 Subject: [PATCH] SECURITY: Race condition in sshd --- debian/changelog | 7 +++++++ .../patches/disable-logging-in-sshsigdie.patch | 17 +++++++++++++++++ debian/patches/series | 1 + 3 files changed, 25 insertions(+) create mode 100644 debian/patches/disable-logging-in-sshsigdie.patch diff --git a/debian/changelog b/debian/changelog index 296c226..578eb9b 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +openssh (1:9.7p1-4deepin2) unstable; urgency=high + + * Disable logging in sshsigdie. + https://seclists.org/oss-sec/2024/q3/2 + + -- Tianyu Chen Mon, 01 Jul 2024 17:13:27 +0800 + openssh (1:9.7p1-4deepin1) unstable; urgency=medium * Refresh and re-apply deepin patches: diff --git a/debian/patches/disable-logging-in-sshsigdie.patch b/debian/patches/disable-logging-in-sshsigdie.patch new file mode 100644 index 0000000..322bbe3 --- /dev/null +++ b/debian/patches/disable-logging-in-sshsigdie.patch @@ -0,0 +1,17 @@ +--- a/log.c ++++ b/log.c +@@ -452,12 +452,14 @@ void + sshsigdie(const char *file, const char *func, int line, int showfunc, + LogLevel level, const char *suffix, const char *fmt, ...) + { ++#if 0 + va_list args; + + va_start(args, fmt); + sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, + suffix, fmt, args); + va_end(args); ++#endif + _exit(1); + } + diff --git a/debian/patches/series b/debian/patches/series index 3eae986..2875788 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -31,3 +31,4 @@ configure-cache-vars.patch deepin-extra-version.patch deepin-ssh-connect-idle-timeout.patch deepin-ssh-keygen-privatekey-file-perm.patch +disable-logging-in-sshsigdie.patch