Author: delphij
Date: Wed Nov 2 06:56:35 2016
New Revision: 308198
URL: https://svnweb.freebsd.org/changeset/base/308198
Log:
MFC r308197: MFV r308196:
Fix OpenSSH remote Denial of Service vulnerability.
Security: CVE-2016-8858
Modified:
stable/11/crypto/openssh/kex.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/11/crypto/openssh/kex.c
==============================================================================
--- stable/11/crypto/openssh/kex.c Wed Nov 2 06:49:25 2016
(r308197)
+++ stable/11/crypto/openssh/kex.c Wed Nov 2 06:56:35 2016
(r308198)
@@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
+ ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, &dlen);
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "[email protected]"
