From owner-freebsd-ports-bugs@FreeBSD.ORG Thu Jan 20 21:00:18 2011 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7CBC0106566C for ; Thu, 20 Jan 2011 21:00:18 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 3E95A8FC16 for ; Thu, 20 Jan 2011 21:00:18 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p0KL0Imf014441 for ; Thu, 20 Jan 2011 21:00:18 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p0KL0I8Y014420; Thu, 20 Jan 2011 21:00:18 GMT (envelope-from gnats) Resent-Date: Thu, 20 Jan 2011 21:00:18 GMT Resent-Message-Id: <201101202100.p0KL0I8Y014420@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Kevin Oberman Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6D470106566B for ; Thu, 20 Jan 2011 20:56:09 +0000 (UTC) (envelope-from oberman@es.net) Received: from mailgw.es.net (mail1.es.net [IPv6:2001:400:201:1::2]) by mx1.freebsd.org (Postfix) with ESMTP id 5A3848FC19 for ; Thu, 20 Jan 2011 20:56:09 +0000 (UTC) Received: from ptavv.es.net (ptavv.es.net [IPv6:2001:400:910::29]) by mailgw.es.net (8.14.3/8.14.3) with ESMTP id p0KKu8NT021150 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Thu, 20 Jan 2011 12:56:09 -0800 Received: by ptavv.es.net (Tachyon Server, from userid 9381) id 3FE0C1CC0C; Thu, 20 Jan 2011 12:56:08 -0800 (PST) Message-Id: <20110120205608.3FE0C1CC0C@ptavv.es.net> Date: Thu, 20 Jan 2011 12:56:08 -0800 (PST) From: Kevin Oberman To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: Subject: ports/154175: Newer version of OpenSSH-portable needed X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Kevin Oberman List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 20 Jan 2011 21:00:18 -0000 >Number: 154175 >Category: ports >Synopsis: Newer version of OpenSSH-portable needed >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 20 21:00:17 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Kevin Oberman >Release: FreeBSD 8.2-PRERELEASE i386 >Organization: ESnet - The Energy Sciences Network >Environment: System: FreeBSD ptavv.es.net 8.2-PRERELEASE FreeBSD 8.2-PRERELEASE #1: Fri Dec 3 09:14:10 PST 2010 root@ptavv.es.net:/usr/obj/usr/src/sys/PTAVV8 i386 >Description: OpenSC 0.12 has been added to the ports tree replacing 0.11.13. This version depends on the support for PKCS in OpenSSH, but FreeBSD still at the two year old 5.2.p1. PKCS11 support was added in version 5.4 and the curent version is 5.6. Until a new version of OpenSSH is available, we are stuck at 0.11.13 which has a known security vulnerability. (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4523) >How-To-Repeat: N/A >Fix: Port OpenSSH-5.4 or newer to FreeBSD >Release-Note: >Audit-Trail: >Unformatted: