Red Hat Bugzilla – Bug 104573
Buffer managment errors in OpenSSH < 3.7.1
Last modified: 2007-03-27 00:09:49 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-AU; rv:1.5a) Gecko/20030801
Description of problem:
Buffer managment errors have been discorever in OpenSSH 3.7.0 and below, this
has been said to be remotely exploitable.
OpenSSH should therefore be upgraded to 3.7.1 in rawhide and no doubt in RedHat
Linux 9.0, 8.0, 7.3, 7.2, 7.1.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Actual Results: See description
Expected Results: See description
These are the changes that need to be made. This is a very similar fix to
yesterday's buffer.c patch which does need to be applied to yesterday's errata.
*** This bug has been marked as a duplicate of 104551 ***
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.