openssl bug causes sshd crashed on FreeBSD 9.3-RELEASE
Peter
list-freebsd-security at jyborn.se
Wed Mar 9 14:09:21 UTC 2016
On Wed, Mar 09, 2016 at 09:32:34PM +0900, Akihiro HIRANO wrote:
> Hi,
>
> On 2016/03/09 19:59, Frank Möller wrote:
> >I got the same problem here.
> >
> >After updating to FreeBSD 9.3-RELEASE-p37 sshd from the base system crashes by signal 11
> > when I connect to the server with an old ssh client (e.g. OpenSSH_4.5p1).
> >Using a newer ssh client versions (e.g. OpenSSH_6.6.1p1 from FreeBSD 9.3-RELEASE-p10)
> > the sshd works fine.
>
> Hum... I tried OpenSSH_6.6.1p1 client on 9.3-RELEASE-p37
> and OpenSSH_6.4p1 client on 10.0-RELEASE-p18.
> Both clients cause sshd on 9.3-RELEASE-p37 crashed by signal 11.
>
>
> Another admin states that postfix smtpd also has the same problem.
> Using security/openssl is also a workaround for this case.
A much worse problem, for me at least, is that 9.3-RELEASE-p37
makes apache crash with signal 11. I only tried this in a web
server running https, so I don't know if apache running only
http also crashes.
Luckily I use freebsd-update, so I could solve the problem
easily with freebsd-update rollback.
Peter
More information about the freebsd-security
mailing list