Attachment #251810 for bug #280068

View | Details | Raw Unified | Return to bug 280068
Collapse All | Expand All

Lines 1-6 Link Here

(-)b/security/openssh-portable/Makefile (-1 / +1 lines)
1	PORTNAME= openssh	1	PORTNAME= openssh
2	DISTVERSION= 9.7p1	2	DISTVERSION= 9.7p1
3	PORTREVISION= 0	3	PORTREVISION= 1
4	PORTEPOCH= 1	4	PORTEPOCH= 1
5	CATEGORIES= security	5	CATEGORIES= security
6	MASTER_SITES= OPENBSD/OpenSSH/portable	6	MASTER_SITES= OPENBSD/OpenSSH/portable




From 8f80def8aa085385dc4fe4668f0e29d3a0dc8510 Mon Sep 17 00:00:00 2001
From: Philip Paeps <philip@FreeBSD.org>
Date: Mon, 1 Jul 2024 16:20:01 +0800
Subject: openssh: Fix pre-authentication remote code execution in sshd.

Reported by:	Qualys Threat Research Unit (TRU)
Approved by:	so
Security:	FreeBSD-SA-24:04.openssh
Security:	CVE-2024-6387

(cherry picked from commit 2abea9df01655633aabbb9bf3204c90722001202)
(cherry picked from commit 620a6a54bb7bb6e1c5607092b6ec49e353e0925f)
---
 crypto/openssh/log.c     | 2 ++
 crypto/openssh/version.h | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c
index 9fc1a2e2eaf6..436c75630181 100644
--- log.c.orig
+++ log.c
@@ -451,12 +451,14 @@ void
 sshsigdie(const char *file, const char *func, int line, int showfunc,
     LogLevel level, const char *suffix, const char *fmt, ...)
 {
+#if 0
 	va_list args;
 
 	va_start(args, fmt);
 	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
 	    suffix, fmt, args);
 	va_end(args);
+#endif
 	_exit(1);
 }
 

Return to bug 280068

Added Link Here

(-)b/security/openssh-portable/files/patch-CVE-2024-6387 (+36 lines)
1	From 8f80def8aa085385dc4fe4668f0e29d3a0dc8510 Mon Sep 17 00:00:00 2001
2	From: Philip Paeps <philip@FreeBSD.org>
3	Date: Mon, 1 Jul 2024 16:20:01 +0800
4	Subject: openssh: Fix pre-authentication remote code execution in sshd.
5
6	Reported by: Qualys Threat Research Unit (TRU)
7	Approved by: so
8	Security: FreeBSD-SA-24:04.openssh
9	Security: CVE-2024-6387
10
11	(cherry picked from commit 2abea9df01655633aabbb9bf3204c90722001202)
12	(cherry picked from commit 620a6a54bb7bb6e1c5607092b6ec49e353e0925f)
13	---
14	crypto/openssh/log.c \| 2 ++
15	crypto/openssh/version.h \| 2 +-
16	2 files changed, 3 insertions(+), 1 deletion(-)
17
18	diff --git a/crypto/openssh/log.c b/crypto/openssh/log.c
19	index 9fc1a2e2eaf6..436c75630181 100644
20	--- log.c.orig
21	+++ log.c
22	@@ -451,12 +451,14 @@ void
23	sshsigdie(const char file, const char func, int line, int showfunc,
24	LogLevel level, const char suffix, const char fmt, ...)
25	{
26	+#if 0
27	va_list args;
28
29	va_start(args, fmt);
30	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
31	suffix, fmt, args);
32	va_end(args);
33	+#endif
34	_exit(1);
35	}
36