[Midnightbsd-cvs] src [7434] stable/0.7/crypto/openssh/ssh.c: Disable roaming to prevent OpenSSH security issue in the client

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Thu Jan 14 21:29:45 EST 2016 

Revision: 7434
          http://svnweb.midnightbsd.org/src/?rev=7434
Author:   laffer1
Date:     2016-01-14 21:29:45 -0500 (Thu, 14 Jan 2016)
Log Message:
-----------
Disable roaming to prevent OpenSSH security issue in the client

Modified Paths:
--------------
    stable/0.7/UPDATING
    stable/0.7/crypto/openssh/readconf.c
    stable/0.7/crypto/openssh/ssh.c

Property Changed:
----------------
    stable/0.7/
    stable/0.7/crypto/openssh/

Index: stable/0.7
===================================================================
--- stable/0.7	2016-01-15 02:27:24 UTC (rev 7433)
+++ stable/0.7	2016-01-15 02:29:45 UTC (rev 7434)

Property changes on: stable/0.7
___________________________________________________________________
Modified: svn:mergeinfo
## -1 +1 ##
-/trunk:7416,7419,7421,7425
\ No newline at end of property
+/trunk:7416,7419,7421,7425,7433
\ No newline at end of property
Modified: stable/0.7/UPDATING
===================================================================
--- stable/0.7/UPDATING	2016-01-15 02:27:24 UTC (rev 7433)
+++ stable/0.7/UPDATING	2016-01-15 02:29:45 UTC (rev 7434)
@@ -1,6 +1,10 @@
 Updating Information for MidnightBSD users.
 
 20160114:
+	OpenSSH
+	
+	Disable roaming to mitigate a security issue with OpenSSH.
+
 	0.7.3 RELEASE
 
 	OpenSSL

Index: stable/0.7/crypto/openssh
===================================================================
--- stable/0.7/crypto/openssh	2016-01-15 02:27:24 UTC (rev 7433)
+++ stable/0.7/crypto/openssh	2016-01-15 02:29:45 UTC (rev 7434)

Property changes on: stable/0.7/crypto/openssh
___________________________________________________________________
Modified: svn:mergeinfo
## -1,2 +1,3 ##
+/trunk/crypto/openssh:7433
 /vendor-crypto/openssh/6.6p1:6864
 /vendor-crypto/openssh/dist:6463-6862
\ No newline at end of property
Modified: stable/0.7/crypto/openssh/readconf.c
===================================================================
--- stable/0.7/crypto/openssh/readconf.c	2016-01-15 02:27:24 UTC (rev 7433)
+++ stable/0.7/crypto/openssh/readconf.c	2016-01-15 02:29:45 UTC (rev 7434)
@@ -1723,8 +1723,7 @@
 		options->tun_remote = SSH_TUNID_ANY;
 	if (options->permit_local_command == -1)
 		options->permit_local_command = 0;
-	if (options->use_roaming == -1)
-		options->use_roaming = 1;
+	options->use_roaming = 0;
 	if (options->visual_host_key == -1)
 		options->visual_host_key = 0;
 	if (options->ip_qos_interactive == -1)

Modified: stable/0.7/crypto/openssh/ssh.c
===================================================================
--- stable/0.7/crypto/openssh/ssh.c	2016-01-15 02:27:24 UTC (rev 7433)
+++ stable/0.7/crypto/openssh/ssh.c	2016-01-15 02:29:45 UTC (rev 7434)
@@ -1729,9 +1729,6 @@
 			fork_postauth();
 	}
 
-	if (options.use_roaming)
-		request_roaming();
-
 	return client_loop(tty_flag, tty_flag ?
 	    options.escape_char : SSH_ESCAPECHAR_NONE, id);
 }

More information about the Midnightbsd-cvs mailing list