Bug 233801 - FreeBSD 11.x vulnerability in OpenSSH
Summary: FreeBSD 11.x vulnerability in OpenSSH
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: bin (show other bugs)
Version: 11.2-RELEASE
Hardware: Any Any
: --- Affects Many People
Assignee: Security Team
URL: https://nvd.nist.gov/vuln/detail/CVE-...
Keywords: needs-qa, security
Depends on:
Blocks:
 
Reported: 2018-12-05 14:27 UTC by Dani
Modified: 2018-12-07 10:05 UTC (History)
3 users (show)

See Also:
koobs: mfc-stable11?


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Dani 2018-12-05 14:27:23 UTC
https://nvd.nist.gov/vuln/detail/CVE-2017-15906 - Has not been fixed in FreeBSD 11.x

Is there a special reason for this or was it forgotten? 

These are the mentioned lines: https://svnweb.freebsd.org/base/releng/11.2/crypto/openssh/sftp-server.c?view=markup#l694

A fix is availible (and has been released with v7.6 - so FBSD 12 isn't vulnerable) - see: 
   https://github.com/vmware/photon/blob/master/SPECS/openssh/openssh-CVE-2017-15906.patch
or from OpenBSD: 
   https://github.com/openbsd/src/commit/a6981567e8e215acc1ef690c8dbb30f2d9b00a19
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-07 10:04:15 UTC
See Also: http://lists.nycbug.org/pipermail/talk/2017-December/017442.html where eadler apparently looped secteam in
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2018-12-07 10:05:46 UTC
HEAD received the OpenSSH 7.6p1 update in base r333389 so stable/12 has it