diff --git a/debian/changelog b/debian/changelog index 296c226..4b706c5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +openssh (1:9.7p1-4deepin2) unstable; urgency=medium + + * SECURITY: Race condition in sshd. + https://www.mail-archive.com/oss-security@lists.openwall.com/msg00233.html + + -- Tianyu Chen Mon, 01 Jul 2024 16:25:58 +0800 + openssh (1:9.7p1-4deepin1) unstable; urgency=medium * Refresh and re-apply deepin patches: diff --git a/debian/patches/series b/debian/patches/series index 3eae986..a01398e 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -28,6 +28,7 @@ skip-utimensat-test-on-zfs.patch zero-call-used-regs-m68k.patch regress-conch-dev-zero.patch configure-cache-vars.patch +upstream-when-sending-ObscureKeystrokeTiming-chaff-p.patch deepin-extra-version.patch deepin-ssh-connect-idle-timeout.patch deepin-ssh-keygen-privatekey-file-perm.patch diff --git a/debian/patches/upstream-when-sending-ObscureKeystrokeTiming-chaff-p.patch b/debian/patches/upstream-when-sending-ObscureKeystrokeTiming-chaff-p.patch new file mode 100644 index 0000000..9bf5987 --- /dev/null +++ b/debian/patches/upstream-when-sending-ObscureKeystrokeTiming-chaff-p.patch @@ -0,0 +1,27 @@ +Subject: [PATCH] upstream: when sending ObscureKeystrokeTiming chaff packets, + we + +can't rely on channel_did_enqueue to tell that there is data to send. This +flag indicates that the channels code enqueued a packet on _this_ ppoll() +iteration, not that data was enqueued in _any_ ppoll() iteration in the +timeslice. ok markus@ + +OpenBSD-Commit-ID: 009b74fd2769b36b5284a0188ade182f00564136 + +--- a/clientloop.c ++++ b/clientloop.c +@@ -607,8 +607,9 @@ obfuscate_keystroke_timing(struct ssh *ssh, struct timespec *timeout, + if (timespeccmp(&now, &chaff_until, >=)) { + /* Stop if there have been no keystrokes for a while */ + stop_reason = "chaff time expired"; +- } else if (timespeccmp(&now, &next_interval, >=)) { +- /* Otherwise if we were due to send, then send chaff */ ++ } else if (timespeccmp(&now, &next_interval, >=) && ++ !ssh_packet_have_data_to_write(ssh)) { ++ /* If due to send but have no data, then send chaff */ + if (send_chaff(ssh)) + nchaff++; + } +-- +2.43.4 +