Bug 200241 - [security] security/openssh-portable - heap overflow
Summary: [security] security/openssh-portable - heap overflow
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Bryan Drewery
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-05-16 13:43 UTC by Sevan Janiyan
Modified: 2015-05-16 16:29 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (bdrewery)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Bryan Drewery freebsd_committer 2015-05-16 16:23:09 UTC
It seems really harmless, but I'll apply it anyway. Thanks for notifying me.
Comment 2 Bryan Drewery freebsd_committer 2015-05-16 16:28:50 UTC
Committed.
Comment 3 commit-hook freebsd_committer 2015-05-16 16:29:22 UTC
A commit references this bug:

Author: bdrewery
Date: Sat May 16 16:28:40 UTC 2015
New revision: 386554
URL: https://svnweb.freebsd.org/changeset/ports/386554

Log:
  Avoid a potential read overflow. This was not deemed a security issue by
  upstream; it was fixed upstream comprehensively a few weeks ago in
  77199d6ec8986d470487e66f8ea8f4cf43d2e20c.

  PR:		200241
  Patch by:	Hanno B?ck <hanno@hboeck.de>
  Obtained from:	http://www.openwall.com/lists/oss-security/2015/05/16/3

Changes:
  head/security/openssh-portable/Makefile
  head/security/openssh-portable/files/patch-compat.c