Date: Wed, 2 Nov 2016 06:58:48 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r308199 - stable/10/crypto/openssh Message-ID: <201611020658.uA26wmiA066797@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Wed Nov 2 06:58:47 2016 New Revision: 308199 URL: https://svnweb.freebsd.org/changeset/base/308199 Log: MFC r308197: MFV r308196: Fix OpenSSH remote Denial of Service vulnerability. Security: CVE-2016-8858 Modified: stable/10/crypto/openssh/kex.c Directory Properties: stable/10/ (props changed) Modified: stable/10/crypto/openssh/kex.c ============================================================================== --- stable/10/crypto/openssh/kex.c Wed Nov 2 06:56:35 2016 (r308198) +++ stable/10/crypto/openssh/kex.c Wed Nov 2 06:58:47 2016 (r308199) @@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se if (kex == NULL) return SSH_ERR_INVALID_ARGUMENT; + ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL); ptr = sshpkt_ptr(ssh, &dlen); if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0) return r;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611020658.uA26wmiA066797>