Re: Close OpenSSH hole on a supported server without shutting down?

In reply to: Andrea Venturoli : "Close OpenSSH hole on a supported server without shutting down?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Christos Chatzaras <chris_at_cretaforce.gr>
Date: Wed, 03 Jul 2024 07:06:47 UTC

> On 3 Jul 2024, at 09:42, Andrea Venturoli <ml@netfence.it> wrote:
> 
> On 7/3/24 02:50, Brett Glass wrote:
>> Hello!
> 
> Same question here, but for supported versions (13.3 and 14.x).
> 
> Is the following enough?
> 
>> cd /usr/src
>> make buildworld
>> cd /usr/src/secure/usr.sbin/sshd/
>> make install
>> cd /usr/src/secure/lib/libssh/
>> make install
>> service sshd restart
> 
> bye & Thanks
> av.
> 
> P.S.
> Out of mere curiosity:
> _ all articles I read say that this is a vulnerability found in OpenSSH’s server in *glibc-based* Linux systems;
> _ I would desume that non-glibc-based systems are not vulnerable;
> _ but FreeBSD is???
> 

Here are the commands I used:

gitup release
cd /usr/src/secure/usr.sbin/sshd/
make all
make install
cd /usr/src/secure/lib/libssh/
make all
make install

Before running these commands, the date was "OpenSSH_9.6 FreeBSD-20240104," and after executing them, the date updated to "OpenSSH_9.6 FreeBSD-20240701."

To be certain, I plan to do a full rebuild today.