Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
Bug 104573 - Buffer managment errors in OpenSSH < 3.7.1
Buffer managment errors in OpenSSH < 3.7.1
Status: CLOSED DUPLICATE of bug 104551
Product: Red Hat Raw Hide
Classification: Retired
Component: openssh (Show other bugs)
All Linux
high Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
: Security
Depends On:
  Show dependency treegraph
Reported: 2003-09-17 09:34 EDT by Alan Sanderson
Modified: 2007-03-27 00:09 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-02-21 13:58:36 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Alan Sanderson 2003-09-17 09:34:26 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-AU; rv:1.5a) Gecko/20030801
Mozilla Firebird/0.6.1

Description of problem:
Buffer managment errors have been discorever in OpenSSH 3.7.0 and below, this
has been said to be remotely exploitable.
OpenSSH should therefore be upgraded to 3.7.1 in rawhide and no doubt in RedHat
Linux 9.0, 8.0, 7.3, 7.2, 7.1.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.See description

Actual Results:  See description

Expected Results:  See description

Additional info:

Comment 1 Hrunting Johnson 2003-09-17 10:37:16 EDT

These are the changes that need to be made.  This is a very similar fix to
yesterday's buffer.c patch which does need to be applied to yesterday's errata.
Comment 2 Mark J. Cox 2003-09-17 11:45:56 EDT

*** This bug has been marked as a duplicate of 104551 ***
Comment 3 Red Hat Bugzilla 2006-02-21 13:58:36 EST
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.