Bug 104551 - CAN-2003-0695 Additional OpenSSH security fixes
CAN-2003-0695 Additional OpenSSH security fixes
Status: CLOSED ERRATA
Product: Red Hat Linux
Classification: Retired
Component: openssh (Show other bugs)
9
All Linux
high Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
http://www.openssh.com/txt/buffer.adv
: Security
: 104573 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2003-09-16 21:44 EDT by William Hooper
Modified: 2014-01-21 17:48 EST (History)
10 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-09-18 06:07:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
patch for 7.x building (1.87 KB, patch)
2003-09-17 02:28 EDT, Seth Vidal
no flags Details | Diff

  None (edit)
Description William Hooper 2003-09-16 21:44:22 EDT
Description of problem:
It looks like more issues were found after the release of OpenSSH 3.7 (and RHSA-
2003:279).

Quote:

Security Changes:
=================

  All versions of OpenSSH's sshd prior to 3.7.1 contain buffer
  management errors.  It is uncertain whether these errors are
  potentially exploitable, however, we prefer to see bugs
  fixed proactively.

  OpenSSH 3.7 fixed one of these bugs.

  OpenSSH 3.7.1 fixes more similar bugs.


Version-Release number of selected component (if applicable):
Comment 1 Seth Vidal 2003-09-17 00:57:07 EDT
http://www.openssh.com/txt/buffer.adv

the first patch listed here is needed for the packages in rhl 7.x, 8.0 and 9.

At the time the patched packages were pushed from red hat today the above patch
wasn't out yet.

I've just built some packages with the above patch applied, they appear to check
out normally in my rudimentary QA.

I'd attach a src.rpm but the change is trivial
Comment 2 Seth Vidal 2003-09-17 02:28:01 EDT
Created attachment 94548 [details]
patch for 7.x building

This is the modifications to the new patches from the advisories for rhl 7.x
systems.

I've tested this on 7.3. It should work on 7.2 and 7.1.

packages built and tested from this appear to be happy.
Comment 3 Mark J. Cox (Product Security) 2003-09-17 03:55:58 EDT
I've allocated CAN-2003-0695 to these additional fixes and we're working on
updating our package sets.
Comment 4 Mark J. Cox (Product Security) 2003-09-17 11:45:58 EDT
*** Bug 104573 has been marked as a duplicate of this bug. ***
Comment 5 Barry K. Nathan 2003-09-17 14:26:35 EDT
http://www.openpkg.org/security/OpenPKG-SA-2003.040-openssh.html

This page claims there are *four* more OpenSSH holes (and claims to have
corrected packages).
Comment 6 Barry K. Nathan 2003-09-17 14:46:41 EDT
Following up on my previous comment, another patch; I'm guessing it applies to
OpenSSH 3.7.1p1 but I haven't tried applying it yet:
http://cvs.openpkg.org/chngview?cn=12268

I think other branches of OpenPKG CVS have patches against older OpenSSH versions.
Comment 7 Seth Vidal 2003-09-17 18:35:11 EDT
Just a note: Wanted to thank the red hat security/openssh people for getting to
this so quickly.

If you find your way near duke univ I'll be glad to buy you all a $beverage.

Comment 8 Mark J. Cox (Product Security) 2003-09-18 06:07:05 EDT
Our update was released yesterday and included the additional fixes from Solar
Designer. 

http://rhn.redhat.com/errata/RHSA-2003-279.html

Note You need to log in before you can comment on or make changes to this bug.