From owner-freebsd-security@freebsd.org Wed Mar 9 12:32:43 2016 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C3550AC7C15 for ; Wed, 9 Mar 2016 12:32:43 +0000 (UTC) (envelope-from hirano@t.kanazawa-u.ac.jp) Received: from mailwd01.kanazawa-u.ac.jp (mailwd01.kanazawa-u.ac.jp [133.28.3.23]) (using TLSv1.1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8A00EC8A for ; Wed, 9 Mar 2016 12:32:43 +0000 (UTC) (envelope-from hirano@t.kanazawa-u.ac.jp) Received: from mailvc04.kanazawa-u.ac.jp (mailvc04.kanazawa-u.ac.jp [133.28.3.94]) by mailwd01.kanazawa-u.ac.jp (Postfix) with ESMTP id 0BAF03C04BC for ; Wed, 9 Mar 2016 21:32:32 +0900 (JST) Received: from mailvc04.kanazawa-u.ac.jp (localhost [127.0.0.1]) by localhost.kanazawa-u.ac.jp (Postfix) with ESMTP id EF31343257 for ; Wed, 9 Mar 2016 21:32:31 +0900 (JST) Received: from smtp01.kanazawa-u.ac.jp (smtp01.kanazawa-u.ac.jp [133.28.3.64]) by mailvc04.kanazawa-u.ac.jp (Postfix) with ESMTP id DCF6743253 for ; Wed, 9 Mar 2016 21:32:31 +0900 (JST) Received: from mail.se.kanazawa-u.ac.jp (mail.se.kanazawa-u.ac.jp [133.28.0.131]) by smtp01.kanazawa-u.ac.jp (Postfix) with ESMTP id CDE2F11605A; Wed, 9 Mar 2016 21:32:31 +0900 (JST) Received: from [192.168.1.197] (canes.ec.t.kanazawa-u.ac.jp [133.28.97.35]) (Authenticated sender: hirano@se.kanazawa-u.ac.jp) by mail.se.kanazawa-u.ac.jp (Postfix) with ESMTPSA id 938FE4E61B; Wed, 9 Mar 2016 21:32:31 +0900 (JST) Subject: Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE References: To: "freebsd-security@freebsd.org" From: Akihiro HIRANO Message-ID: <56E017E2.9060305@t.kanazawa-u.ac.jp> Date: Wed, 9 Mar 2016 21:32:34 +0900 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-TM-AS-MML: No X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Mar 2016 12:32:43 -0000 Hi, On 2016/03/09 19:59, Frank Möller wrote: > I got the same problem here. > > After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system crashes by signal 11 > when I connect to the server with an old ssh client (e.g. OpenSSH_4.5p1). > Using a newer ssh client versions (e.g. OpenSSH_6.6.1p1 from FreeBSD 9.3-RELEASE-p10) > the sshd works fine. Hum... I tried OpenSSH_6.6.1p1 client on 9.3-RELEASE-p37 and OpenSSH_6.4p1 client on 10.0-RELEASE-p18. Both clients cause sshd on 9.3-RELEASE-p37 crashed by signal 11. Another admin states that postfix smtpd also has the same problem. Using security/openssl is also a workaround for this case. Best Regards, ---- Akihiro HIRANO, Kanazawa University hirano@t.kanazawa-u.ac.jp