From nobody Tue Feb 18 17:57:19 2025 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Yy6g36wYsz5nxkL for ; Tue, 18 Feb 2025 17:57:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Yy6g30n3Tz3l25 for ; Tue, 18 Feb 2025 17:57:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1739901439; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5wycvtwhlrapnGov/gYPyBCZmfAxwiloRjrxXkLWuSA=; b=rfx5V0eExyAPlIShPAYQoVp7W1oUysMjOxgYRia2K4ws1di/5DgPU6yhvzSH20Fp4eslEb khF5b6LNE/9xs9AFvmIGjXGl8zdHK5p2up1WRqPFQmv7rb9lRTSBeMC6vUEXhA4C5/M2b0 EYlqcR66e/qW6L1SiRKE02Isuz6jZQN+CIH+5JZZtcd4iASWgxuwsPdziHbYa/7yJ7MWoV bQO7kgrsJlZJY2FD2xEJHeNiJpq2IMq4j60VLFwl4JMLiREa2OwyNmLvIrKdJ3J01Iljy2 9XJYKC6zFbIzltGMdQrbj+GsqwxIDWXf7roU/izY6be0wgscsm2nvKKbXmzC7w== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1739901439; a=rsa-sha256; cv=none; b=gCH1S4KgiwSmXOjGDJQt3DT/kYX18GYU9enMPHpX9ziafphW75GE9iCvJ1vM5kFH8tFFoe jAsmz6c98JWnX75q6+84LF32pb4LZTa1rh7YMkoiRNH8TrudFCq8/16xRA6Xyi/ni5ijpy wyGMV9dncQ71+0GDPBemyA1HhwHiRgwzqDnAHnLemN5g7ChuvKirk8zGXQi4chhcEZPhdi JR+2IQM/YYL6a9omvybZiwco8sQiKR18jI07FJ75GZiCUDyWBHu8sMXzmb1OruUvTyEFxW zFFd7vRfWbwSJ24m5F2HJBJPaUF1JFDWXjtpiX4NeuhRSEgEvNvMR+mAa90/wg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1739901439; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=5wycvtwhlrapnGov/gYPyBCZmfAxwiloRjrxXkLWuSA=; b=vaZYtObx3YvxJazb3OvdCbir1OPtGx7Qo7pIKXmtluGYSY2awGtaBV0hTvUwooB+GGubW9 Uxg5EdU7zJaHZqOUyJ3sRWNx8VNoYRmgaHVfplJoU3QxecY53d4ecqJTgKnEwXe5OdkAit kUJnU2NtSrY2kZNMLdrja93UsEkP5etVVUEDJLobyo2J6nGBop57KqJjj+Aa69Ku22no29 +Nf3u3iaYOChhxpP679hcMS+ZWwZCdmAQ14EO+CVwnOuoeGOVwb9wbjJhoSIDFy9yx5ykx Iy8opz0v1YMwCJTKFnP9JTBd7GQIF2MXRfv8DsESO7YJmF2wHFKKoTMfrJQ8wQ== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Yy6g308jkzTtc for ; Tue, 18 Feb 2025 17:57:19 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 51IHvIKN043237 for ; Tue, 18 Feb 2025 17:57:18 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 51IHvIu4043235 for bugs@FreeBSD.org; Tue, 18 Feb 2025 17:57:18 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 284883] openssh 9.9p2 security release Date: Tue, 18 Feb 2025 17:57:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: bin X-Bugzilla-Version: Unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: doctor@doctor.nl2k.ab.ca X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="UTF-8" X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@FreeBSD.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D284883 Bug ID: 284883 Summary: openssh 9.9p2 security release Product: Base System Version: Unspecified Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: doctor@doctor.nl2k.ab.ca Got this this morning OpenSSH 9.9p2 has just been released. It will be available from the mirrors listed at https://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html Changes since OpenSSH 9.9p1 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D This release fixes two security bugs. Security =3D=3D=3D=3D=3D=3D=3D=3D * Fix CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1 (inclusive) contained a logic error that allowed an on-path attacker (a.k.a MITM) to impersonate any server when the VerifyHostKeyDNS option is enabled. This option is off by default. * Fix CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1 (inclusive) is vulnerable to a memory/CPU denial-of-service related to the handling of SSH2_MSG_PING packets. This condition may be mitigated using the existing PerSourcePenalties feature. Both vulnerabilities were discovered and demonstrated to be exploitable by the Qualys Security Advisory team. We thank them for their detailed review of OpenSSH. For OpenBSD, fixes to these problems are available as errata; refer to https://www.openbsd.org/errata.html Bugfixes =3D=3D=3D=3D=3D=3D=3D=3D * ssh(1), sshd(8): fix regression in Match directive that caused failures when predicates and their arguments were separated by '=3D' characters instead of whitespace (bz3739). * sshd(8): fix the "Match invalid-user" predicate, which was matching incorrectly in the initial pass of config evaluation. * ssh(1), sshd(8), ssh-keyscan(1): fix mlkem768x25519-sha256 key exchange on big-endian systems. * Fix a number of build problems on particular operating systems / configurations. Checksums: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D - SHA1 (openssh-9.9p2.tar.gz) =3D edefe960645780dee78059c444d4261667ad3056 - SHA256 (openssh-9.9p2.tar.gz) =3D karbYD4IzChe3fll4RmdAlhfqU2ZTWyuW0Hhch= 4hVnM=3D Please note that the SHA256 signatures are base64 encoded and not hexadecimal (which is the default for most checksum tools). The PGP key used to sign the releases is available from the mirror sites: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc Reporting Bugs: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D - Please read https://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev Does this affect FreeBSD? --=20 You are receiving this mail because: You are the assignee for the bug.=