https://bugzilla.mindrot.org/show_bug.cgi?id=3694
Bug ID: 3694
Summary: Which patch fixes the CanonicalizeHostname
vulnerability?
Product: Portable OpenSSH
Version: -current
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: P5
Component: ssh
Assignee: [email protected]
Reporter: [email protected]
As it is written in the
security(https://www.openssh.com/security.html):
February 2, 2023
ssh(1) in OpenSSH between and 6.5 and 9.1 (inclusive).
ssh(1) failed to check DNS names returned from libc for validity.
If the CanonicalizeHostname and CanonicalizePermittedCNAMEs options
were enabled, and the system/libc resolver did not check that names in
DNS responses were valid, then use of these options could allow an
attacker with control of DNS to include invalid characters (possibly
including wildcards) in names added to known_hosts files when they were
updated. These names would still have to match the
CanonicalizePermittedCNAMEs allow-list, so practical exploitation
appears unlikely.
This bug is corrected in OpenSSH 9.2.
But I do not find the fix patch, please let me know, thanks a lot.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
