Date: Wed, 9 Mar 2016 15:01:25 +0100 From: Peter <list-freebsd-security@jyborn.se> To: "freebsd-security@freebsd.org" <freebsd-security@freebsd.org> Subject: Re: openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE Message-ID: <20160309140125.GH13515@pol-server.leissner.se>
next in thread | raw e-mail | index | archive | help
On Wed, Mar 09, 2016 at 09:32:34PM +0900, Akihiro HIRANO wrote: > Hi, > > On 2016/03/09 19:59, Frank Möller wrote: > >I got the same problem here. > > > >After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system crashes by signal 11 > > when I connect to the server with an old ssh client (e.g. OpenSSH_4.5p1). > >Using a newer ssh client versions (e.g. OpenSSH_6.6.1p1 from FreeBSD 9.3-RELEASE-p10) > > the sshd works fine. > > Hum... I tried OpenSSH_6.6.1p1 client on 9.3-RELEASE-p37 > and OpenSSH_6.4p1 client on 10.0-RELEASE-p18. > Both clients cause sshd on 9.3-RELEASE-p37 crashed by signal 11. > > > Another admin states that postfix smtpd also has the same problem. > Using security/openssl is also a workaround for this case. A much worse problem, for me at least, is that 9.3-RELEASE-p37 makes apache crash with signal 11. I only tried this in a web server running https, so I don't know if apache running only http also crashes. Luckily I use freebsd-update, so I could solve the problem easily with freebsd-update rollback. Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160309140125.GH13515>