diff options
| author | Philip Paeps <philip@FreeBSD.org> | 2024-07-01 08:20:01 +0000 |
|---|---|---|
| committer | Philip Paeps <philip@FreeBSD.org> | 2024-07-01 08:25:43 +0000 |
| commit | 70eb00f17b310f599b60939c1afa326c7b2c390c (patch) | |
| tree | 4ba2335bbfa079a3aae55c170859b28d58050391 | |
| parent | bdba8eaa3db6b667ac811c69d5aca46e8bf3cf8b (diff) | |
| download | src-70eb00f17b310f599b60939c1afa326c7b2c390c.tar.gz src-70eb00f17b310f599b60939c1afa326c7b2c390c.zip | |
openssh: Fix pre-authentication remote code execution in sshd.
Reported by: Qualys Threat Research Unit (TRU)
Approved by: so
Security: FreeBSD-SA-24:04.openssh
Security: CVE-2024-6387
(cherry picked from commit 2abea9df01655633aabbb9bf3204c90722001202)
(cherry picked from commit 620a6a54bb7bb6e1c5607092b6ec49e353e0925f)
| -rw-r--r-- | crypto/openssh/log.c | 2 | ||||
| -rw-r--r-- | crypto/openssh/version.h | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c index 99bf046a792a..55e112f839e0 100644 --- a/crypto/openssh/log.c +++ b/crypto/openssh/log.c @@ -451,12 +451,14 @@ void sshsigdie(const char *file, const char *func, int line, int showfunc, LogLevel level, const char *suffix, const char *fmt, ...) { +#if 0 va_list args; va_start(args, fmt); sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, suffix, fmt, args); va_end(args); +#endif _exit(1); } diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index ba3690668818..56d02fbe9c86 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -5,4 +5,4 @@ #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -#define SSH_VERSION_FREEBSD "FreeBSD-20231004" +#define SSH_VERSION_FREEBSD "FreeBSD-20240701" |