A while back someone discovered a bug prior to OpenSSH v6.9 relating to use of 
the "-X" (X11 forwarding) option for the SSH client.  The CVE entry 
contains links to a couple other sites:

        https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5352


The OpenSSH v6.9 release notes (http://www.openssh.com/txt/release-6.9) mention 
this as a security bugfix, but don't indicate if the problem existed in 
versions earlier than v6.8; FreeBSD 9.3-RELEASE, 10.1-RELEASE, and 10.2-RELEASE 
appear to have v6.6.1 (although linked against different versions of OpenSSL).  
I've searched FreeBSD's security advisories, but see no mention of this bug at 
all (certainly not in the most recent OpenSSH advisories).  Top search hits in 
Google for this CVE show a couple Linux distros (RedHat and Ubuntu) mention it.
For what it's worth, RedHat's declining to fix it in RHEL 5, deferring the fix 
in RHEL 6, and says RHEL 7 is not affected.  Ubuntu's support mentions it but 
describes no plans to fix it.

Are any of you aware of a patch for this that's been committed unannounced?  It 
strikes me as a somewhat esoteric bug, but I promised someone I'd ask around 
about it.  If no patch is committed, is the plan to just defer this one until 
later?


-- 
Alan Amesbury
University Information Security
http://umn.edu/lookup/amesbury

_______________________________________________
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
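The question above turns on whether an installed client predates the 6.9 release that carries the fix. The following is an added example, not part of the post or of the OpenSSH project: a POSIX sh check that parses the banner printed by `ssh -V` (which goes to stderr) and reports whether the version is below 6.9. It assumes the fix is present in 6.9 and later, as the release notes state; the banner alone cannot tell you whether a vendor has backported the fix into an older version, so treat a "predates" result as a prompt to check your vendor's advisories, not as proof of exposure.

```shell
#!/bin/sh
# Added example (not from the original post): classify an OpenSSH client
# banner as older or newer than the 6.9 release that fixed CVE-2015-5352.
# Assumption: fixed in 6.9 and later; vendor backports are not detected.

# Extract "major.minor" from a banner such as
# "OpenSSH_6.6.1p1, OpenSSL 1.0.1e-freebsd 11 Feb 2013" (constructed sample).
openssh_version() {
    printf '%s\n' "$1" \
        | sed -n 's/^OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1.\2/p'
}

# Exit 0 when the banner's version is below 6.9, 1 when it is 6.9 or
# later, and 2 when the banner cannot be parsed at all.
openssh_predates_fix() {
    v=$(openssh_version "$1")
    [ -n "$v" ] || return 2
    major=${v%%.*}
    minor=${v#*.}
    if [ "$major" -lt 6 ]; then return 0; fi
    if [ "$major" -eq 6 ] && [ "$minor" -lt 9 ]; then return 0; fi
    return 1
}

# Typical use against the local client; "ssh -V" writes its banner to stderr.
#   banner=$(ssh -V 2>&1)
#   if openssh_predates_fix "$banner"; then
#       echo "client predates 6.9; check vendor advisories for a backport"
#   fi
```

The sed pattern deliberately ignores the patch level ("p1") and any third component ("6.6.1"), because the fix is tied to the 6.9 feature release rather than to a point release.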
