[Midnightbsd-cvs] [MidnightBSD/src] 49d618: A signal handler in sshd(8) calls a function that ...

Lucas Holt noreply at github.com
Mon Jul 1 09:56:31 EDT 2024


  Branch: refs/heads/stable/3.1
  Home:   https://github.com/MidnightBSD/src
  Commit: 49d618a77d51d7d5b705addd02096120ae24b97d
      https://github.com/MidnightBSD/src/commit/49d618a77d51d7d5b705addd02096120ae24b97d
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2024-07-01 (Mon, 01 Jul 2024)

  Changed paths:
    M crypto/openssh/log.c
    M crypto/openssh/version.h

  Log Message:
  -----------
  A signal handler in sshd(8) calls a function that is not async-signal-safe.
The signal handler is invoked when a client does not authenticate within the
LoginGraceTime seconds (120 by default).  This signal handler executes in the
context of sshd(8)'s privileged code, which is not sandboxed and runs
with full root privileges.

This issue is a regression of CVE-2006-5051 originally reported by Mark Dowd
and accidentally reintroduced in OpenSSH 8.5p1.

Obtained from: OpenSSH/FreeBSD


  Commit: 99535b3ece12c141a176538a4aa9b2a039c5f3f1
      https://github.com/MidnightBSD/src/commit/99535b3ece12c141a176538a4aa9b2a039c5f3f1
  Author: Lucas Holt <luke at foolishgames.com>
  Date:   2024-07-01 (Mon, 01 Jul 2024)

  Changed paths:
    M UPDATING
    M sys/conf/newvers.sh

  Log Message:
  -----------
  bump for openssh cve


Compare: https://github.com/MidnightBSD/src/compare/799f334a36b0...99535b3ece12
