Date: Wed, 2 Nov 2016 06:56:36 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org Subject: svn commit: r308198 - stable/11/crypto/openssh Message-ID: <201611020656.uA26uaPv066681@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Wed Nov 2 06:56:35 2016 New Revision: 308198 URL: https://svnweb.freebsd.org/changeset/base/308198 Log: MFC r308197: MFV r308196: Fix OpenSSH remote Denial of Service vulnerability. Security: CVE-2016-8858 Modified: stable/11/crypto/openssh/kex.c Directory Properties: stable/11/ (props changed) Modified: stable/11/crypto/openssh/kex.c ============================================================================== --- stable/11/crypto/openssh/kex.c Wed Nov 2 06:49:25 2016 (r308197) +++ stable/11/crypto/openssh/kex.c Wed Nov 2 06:56:35 2016 (r308198) @@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se if (kex == NULL) return SSH_ERR_INVALID_ARGUMENT; + ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL); ptr = sshpkt_ptr(ssh, &dlen); if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0) return r;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611020656.uA26uaPv066681>