Date: Mon, 1 Jul 2024 08:22:13 GMT From: Philip Paeps <philip@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 620a6a54bb7b - stable/14 - openssh: Fix pre-authentication remote code execution in sshd. Message-ID: <202407010822.4618MDN4084401@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/14 has been updated by philip: URL: https://cgit.FreeBSD.org/src/commit/?id=620a6a54bb7bb6e1c5607092b6ec49e353e0925f commit 620a6a54bb7bb6e1c5607092b6ec49e353e0925f Author: Philip Paeps <philip@FreeBSD.org> AuthorDate: 2024-07-01 08:20:01 +0000 Commit: Philip Paeps <philip@FreeBSD.org> CommitDate: 2024-07-01 08:21:19 +0000 openssh: Fix pre-authentication remote code execution in sshd. Reported by: Qualys Threat Research Unit (TRU) Approved by: so Security: FreeBSD-SA-24:04.openssh Security: CVE-2024-6387 (cherry picked from commit 2abea9df01655633aabbb9bf3204c90722001202) --- crypto/openssh/log.c | 2 ++ crypto/openssh/version.h | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c index 9fc1a2e2eaf6..436c75630181 100644 --- a/crypto/openssh/log.c +++ b/crypto/openssh/log.c @@ -451,12 +451,14 @@ void sshsigdie(const char *file, const char *func, int line, int showfunc, LogLevel level, const char *suffix, const char *fmt, ...) { +#if 0 va_list args; va_start(args, fmt); sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL, suffix, fmt, args); va_end(args); +#endif _exit(1); } diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h index cfbb749c0d04..836b5650b247 100644 --- a/crypto/openssh/version.h +++ b/crypto/openssh/version.h @@ -5,4 +5,4 @@ #define SSH_PORTABLE "p1" #define SSH_RELEASE SSH_VERSION SSH_PORTABLE -#define SSH_VERSION_FREEBSD "FreeBSD-20240318" +#define SSH_VERSION_FREEBSD "FreeBSD-20240701"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202407010822.4618MDN4084401>