fix CVE-2024-6387

backport-fix-CVE-2024-6387.patch

@@ -0,0 +1,28 @@
+Reference:https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
+Conflict:NA
+---
+ log.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/log.c b/log.c
+index dca08e4..5ca403a 100644
+--- a/log.c
++++ b/log.c
+@@ -458,12 +458,14 @@ void
+ sshsigdie(const char *file, const char *func, int line, int showfunc,
+     LogLevel level, const char *suffix, const char *fmt, ...)
+ {
++#if 0
+ 	va_list args;
+ 
+ 	va_start(args, fmt);
+ 	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
+ 	    suffix, fmt, args);
+ 	va_end(args);
++#endif
+ 	_exit(1);
+ }
+ 
+-- 
+2.33.0
+

openssh.spec

@@ -6,7 +6,7 @@
 %{?no_gtk2:%global gtk2 0}
 
 %global sshd_uid    74
-%global openssh_release 30
+%global openssh_release 31
 
 Name:           openssh
 Version:        8.8p1
@@ -131,6 +131,7 @@ Patch101:       backport-upstream-In-channel_request_remote_forwarding-the-pa.pa
 Patch102:       backport-CVE-2023-51385-upstream-ban-user-hostnames-with-most-shell-metachar.patch
 Patch103:       backport-CVE-2023-48795.patch
 Patch104:       fix-memory-leak-in-kex-exchange.patch 
+Patch105:       backport-fix-CVE-2024-6387.patch
 
 Requires:       /sbin/nologin
 Requires:       libselinux >= 2.3-5 audit-libs >= 1.0.8
@@ -312,6 +313,7 @@ popd
 %patch102 -p1
 %patch103 -p1
 %patch104 -p1
+%patch105 -p1
 
 autoreconf
 pushd pam_ssh_agent_auth-pam_ssh_agent_auth-0.10.4
@@ -518,6 +520,12 @@ getent passwd sshd >/dev/null || \
 %attr(0644,root,root) %{_mandir}/man8/sftp-server.8*
 
 %changelog
+* Tue Jul 2 2024 renmingshuai<renmingshuai@huawei.com> - 8.8p1-31
+- Type:CVE
+- CVE:CVE-2024-6387
+- SUG:NA
+- DESC:Fix CVE-2024-6387
+
 * Mon Apr 29 2024 renmingshuai<renmingshuai@huawei.com> - 8.8p1-30
 - Type:bugfix
 - CVE: