git: 1980b3dfa1f1 - stable/12 - openssh: Fix pre-authentication remote code execution in sshd.

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Ed Maste <emaste_at_FreeBSD.org>
Date: Thu, 04 Jul 2024 12:55:44 UTC

The branch stable/12 has been updated by emaste:

URL: https://cgit.FreeBSD.org/src/commit/?id=1980b3dfa1f15920ebd268f51813eacd87432f27

commit 1980b3dfa1f15920ebd268f51813eacd87432f27
Author:     Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2024-07-01 08:20:01 +0000
Commit:     Ed Maste <emaste@FreeBSD.org>
CommitDate: 2024-07-01 13:25:49 +0000

    openssh: Fix pre-authentication remote code execution in sshd.
    
    Reported by:    Qualys Threat Research Unit (TRU)
    Approved by:    so
    Security:       FreeBSD-SA-24:04.openssh
    Security:       CVE-2024-6387
    
    (cherry picked from commit 2abea9df01655633aabbb9bf3204c90722001202)
    (cherry picked from commit 25cf430cd551158135ef6f0c1aadf273ff3430c9)
---
 crypto/openssh/log.c     | 2 ++
 crypto/openssh/version.h | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c
index 99bf046a792a..55e112f839e0 100644
--- a/crypto/openssh/log.c
+++ b/crypto/openssh/log.c
@@ -451,12 +451,14 @@ void
 sshsigdie(const char *file, const char *func, int line, int showfunc,
     LogLevel level, const char *suffix, const char *fmt, ...)
 {
+#if 0
 	va_list args;
 
 	va_start(args, fmt);
 	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
 	    suffix, fmt, args);
 	va_end(args);
+#endif
 	_exit(1);
 }
 
diff --git a/crypto/openssh/version.h b/crypto/openssh/version.h
index 3f7069aba20f..46d984ece1c0 100644
--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@@ -6,4 +6,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE
 
-#define SSH_VERSION_FREEBSD	"FreeBSD-20230719"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"