untrusted comment: signature from openbsd 6.0 base secret key
RWSho3oKSqgLQ+nvjojNv0BETtBpdOsfAjnPnz8Ko3XL5UcaGDRRrkHt9GulGnU/URXBZxe3q32aOgGIe01P3mF9iSo0umkskAQ=

OpenBSD 6.0 errata 13, Oct 10, 2016:

A protocol parsing bug in sshd can lead to unauthenticated memory
and CPU consumption.

Apply by doing:
   signify -Vep /etc/signify/openbsd-60-base.pub -x 013_ssh_kexinit.patch.sig \
       -m - | (cd /usr/src && patch -p0)

And then rebuild and install sshd:
   cd /usr/src/usr.bin/ssh
   make obj
   make depend
   make
   make install

Index: usr.bin/ssh/kex.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/kex.c,v
retrieving revision 1.118
retrieving revision 1.118.4.1
diff -p -u -IOpenBSD -r1.118 -r1.118.4.1
--- usr.bin/ssh/kex.c   2 May 2016 10:26:04 -0000       1.118
+++ usr.bin/ssh/kex.c   10 Oct 2016 19:35:47 -0000      1.118.4.1
@@ -452,6 +452,7 @@ kex_input_kexinit(int type, u_int32_t se
       if (kex == NULL)
               return SSH_ERR_INVALID_ARGUMENT;

+       ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
       ptr = sshpkt_ptr(ssh, &dlen);
       if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
               return r;

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.