OpenSSH heads-up
Matthew Dillon
dillon at apollo.backplane.com
Tue Sep 16 09:32:03 PDT 2003
:
:On Tue, Sep 16, 2003 at 06:05:43PM +0200, Udo Schweigert wrote:
:> On Tue, Sep 16, 2003 at 08:43:47 -0500, Jacques A. Vidrine wrote:
:> > OK, an official OpenSSH advisory was released, see here:
:> > <URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html >
:> >
:> > The fix is currently in FreeBSD -CURRENT and -STABLE. It will be
:> > applied to the security branches as well today. Attached are patches:
:> >
:> > buffer46.patch -- For FreeBSD 4.6-RELEASE and later
:> > buffer45.patch -- For FreeBSD 4.5-RELEASE and earlier
:> >
:>
:> And what about the port /usr/ports/security/openssh-portable? It should - at
:> least - be fixed for the 4.9-RELEASE.
:
:Ports fixed about 3 hours 27 minutes ago :-)
:
:Cheers,
:--
:Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal
:nectar at celabo.org . jvidrine at verio.net . nectar at freebsd.org . nectar at kth.se
:_______________________________________________
:freebsd-security at freebsd.org mailing list
:http://lists.freebsd.org/mailman/listinfo/freebsd-security
:To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
I've been staring at the patch for 30 minutes and I can't figure
out what it is supposed to fix. Is there some other thread or
signal or something that might access the buffer while it's length
is in an indeterminant state? The code doesn't seem to be structured
for that case.
-Matt
Matthew Dillon
<dillon at backplane.com>
More information about the freebsd-security
mailing list