Subject: Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE
From: Frank Möller
To: hirano@t.kanazawa-u.ac.jp
Cc: freebsd-security@freebsd.org
Date: Wed, 9 Mar 2016 11:59:03 +0100

Hello,

I got the same problem here. After updating to FreeBSD 9.3-RELEASE-p37, sshd from the base system crashes by signal 11 when I connect to the server with an old ssh client (e.g. OpenSSH_4.5p1).

Using a newer ssh client version (e.g. OpenSSH_6.6.1p1 from FreeBSD 9.3-RELEASE-p10), the sshd works fine.

Best Regards
Frank Moeller

--
Frank M"oller
GONICUS GmbH

> On FreeBSD 9.3-RELEASE-p37, sshd crashes by signal 11.
> Mar  8 17:32:20 hostname kernel: pid 22651 (sshd), uid 0: exited on
> signal 11
>
> On FreeBSD 10.1-RELEASE-p30, sshd works fine.
>
> As far as I have examined, the reason is OpenSSL in base system.
> The following tests have been performed on FreeBSD 9.3-RELEASE-p37:
>
> (1) sshd in base system crashes.
> (2) openssh-portable from pkg which uses base OpenSSL library crashes.
> (3) openssh-portable from ports with OpenSSL from pkg works fine.
>
> Therefore, I suggest that the openssl library in base system
> might have a problem.
>
> Best Regards,
> ----
> Akihiro HIRANO, Kanazawa University
> hirano at t.kanazawa-u.ac.jp