bugzilla-daemon at bugzilla.mindrot.org
2019-May-10 12:29 UTC
[Bug 3007] New: Provide regression tests for scp vulnerabilities
https://bugzilla.mindrot.org/show_bug.cgi?id=3007
Bug ID: 3007
Summary: Provide regression tests for scp vulnerabilities
Product: Portable OpenSSH
Version: 8.0p1
Hardware: Other
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Regression tests
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Created attachment 3280
--> https://bugzilla.mindrot.org/attachment.cgi?id=3280&action=edit
Patch from sintonen.fi
The original reporter provided a list of test cases to extend the
existing regression tests for scp, but they were not incorporated into
the tree with the final patches.
I am not sure whether there was some specific reason for this omission
or it was intentional, but having this inside of the package regression
test suite sounds very useful for QA of the tool.
From what I see, they cover the three vulnerabilities:
* empty or dot filename: CVE-2018-20685
* sending additional files by a malicious server: CVE-2019-6111
See attached patch (subset of the patch provided on the advisory page
below). I successfully verified that it works fine with 8.0, but fails
with 7.9.
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
--
You are receiving this mail because:
You are watching the assignee of the bug.
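Added example, not part of the bug report, the attached patch or the OpenSSH source: a minimal C check for the two cases listed in the report above, applied to the name field of a constructed scp control record. The function names, the sample records and the assumption that the trailing newline has already been stripped are hypothetical.

```c
#include <ctype.h>
#include <fnmatch.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not OpenSSH code): return the name field of an scp
 * "C<mode> <size> <name>" or "D<mode> <size> <name>" control record whose
 * trailing newline has already been stripped, or NULL if malformed. */
static const char *record_name(const char *rec)
{
    char *end;
    if ((rec[0] != 'C' && rec[0] != 'D') || !isdigit((unsigned char)rec[1]))
        return NULL;
    strtoul(rec + 1, &end, 8);                  /* octal mode */
    if (*end != ' ' || !isdigit((unsigned char)end[1]))
        return NULL;
    strtoull(end + 1, &end, 10);                /* size in bytes */
    return *end == ' ' ? end + 1 : NULL;
}

/* Return 1 if a record received during a download that asked for `pattern`
 * may be written into the target directory, 0 if it must be refused. */
int scp_record_ok(const char *rec, const char *pattern)
{
    const char *name = record_name(rec);
    if (name == NULL)
        return 0;
    /* Empty or "." name (CVE-2018-20685 in the report's list); ".." and
     * '/' are refused as well, which goes beyond what the report lists. */
    if (*name == '\0' || strcmp(name, ".") == 0 ||
        strcmp(name, "..") == 0 || strchr(name, '/') != NULL)
        return 0;
    /* A name the client never asked for (CVE-2019-6111 in the list). */
    return fnmatch(pattern, name, 0) == 0;
}

int main(void)
{
    /* Constructed records, as a misbehaving server might send them. */
    const char *recs[] = { "C0644 5 report.txt", "D0777 0 ", "D0777 0 .",
                           "C0644 5 .bashrc", "C0644 5 ../x.txt" };
    for (size_t i = 0; i < sizeof(recs) / sizeof(recs[0]); i++)
        printf("%-22s %s\n", recs[i],
               scp_record_ok(recs[i], "*.txt") ? "accept" : "refuse");
    return 0;
}
```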
bugzilla-daemon at bugzilla.mindrot.org
2019-Jul-19 03:45 UTC
[Bug 3007] Provide regression tests for scp vulnerabilities
https://bugzilla.mindrot.org/show_bug.cgi?id=3007
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |djm at mindrot.org
Blocks| |2988
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
applied - thanks
Referenced Bugs:
https://bugzilla.mindrot.org/show_bug.cgi?id=2988
[Bug 2988] Tracking bug for 8.1 release
bugzilla-daemon at mindrot.org
2021-Apr-23 05:08 UTC
[Bug 3007] Provide regression tests for scp vulnerabilities
https://bugzilla.mindrot.org/show_bug.cgi?id=3007
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> ---
closing resolved bugs as of 8.6p1 release