thr3ads.net - freebsd stable - svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man [Mar 2016]

If this information is useful, please help other people find it:
Share via:

Mike Tancsa

2016-Mar-08 12:45 UTC

svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man

Hi,
	I tried on 2 separate boxes, and sshd segfaults when this rev is applied

	---Mike

On 3/7/2016 11:18 AM, Xin LI wrote:> Author: delphij
> Date: Mon Mar  7 16:18:07 2016
> New Revision: 296462
> URL: https://svnweb.freebsd.org/changeset/base/296462
> 
> Log:
>   Fix multiple OpenSSL vulnerabilities as published in
>   OpenSSL advisory on 2016/03/01:
>   
>   constant-time MOD_EXP_CTIME_COPY_FROM_PREBUF.
>   [CVE-2016-0702, upstream d6482a8. 5ea08bd, d6d422e,
>   8fc8f48 317be63 skipped intentionally as we are not
>   using the code on FreeBSD.  Backport done by jkim at .
>   
>   Fix memory issues in BIO_*printf functions.
>   [CVE-2016-0799, upstream d889682, a801bf2].
>   
>   Fix BN_hex2bn/BN_dec2bn NULL ptr/heap corruption.
>   [CVE-2016-0797, upstream 8f65132].
>   
>   Disable SSLv2 in default negotiation and weak ciphers.
>   [CVE-2016-0800 "DROWN", upstream 56f1acf5].  Note that
>   support of SSLv2 is not removed in order to preserve
>   ABI compatibility, and application may still explicitly
>   ask for vulnerable protocol or ciphers.
>   
>   In collaboration with: jkim

-- 
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada   http://www.tancsa.com/

Craig Green

2016-Mar-08 18:13 UTC

head link

[FreeBSD-Stable] svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man

On 2016-03-08 7:45 AM, Mike Tancsa wrote:> Hi,
> 	I tried on 2 separate boxes, and sshd segfaults when this rev is applied
>
> 	---Mike
Just adding some debug logs showing a couple places where sshd exited. 
Encryption algorithm, kex and hmac didn't seem to matter.

Craig.
------


Mar  7 16:59:53 smtp1 sshd[40348]: debug1: rexec start in 5 out 5 
newsock 5 pipe 7 sock 8
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: inetd sockets after dupping: 3, 3
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: res_init()
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: HPN Disabled: 0, HPN Buffer 
Size: 65536
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: Client protocol version 2.0; 
client software version SecureCRT_6.6.1 (x64 build 289) SecureCRT
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: no match: SecureCRT_6.6.1 
(x64 build 289) SecureCRT
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: Enabling compatibility mode 
for protocol 2.0
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: Local version string 
SSH-2.0-OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: list_hostkey_types: 
ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: SSH2_MSG_KEXINIT sent
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: SSH2_MSG_KEXINIT received
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: kex: client->server 
aes256-ctr hmac-sha1 none
Mar  7 16:59:53 smtp1 sshd[40348]: debug1: kex: server->client 
aes256-ctr hmac-sha1 none
Mar  7 16:59:53 smtp1 kernel: pid 40348 (sshd), uid 0: exited on signal 11


Mar  7 17:01:39 smtp1 sshd[46204]: debug1: rexec start in 5 out 5 
newsock 5 pipe 7 sock 8
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: inetd sockets after dupping: 3, 3
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: res_init()
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: HPN Disabled: 0, HPN Buffer 
Size: 65536
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: Client protocol version 2.0; 
client software version OpenSSH_6.1_hpn13v11 FreeBSD-20120901
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: match: OpenSSH_6.1_hpn13v11 
FreeBSD-20120901 pat OpenSSH* compat 0x04000000
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: Enabling compatibility mode 
for protocol 2.0
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: Local version string 
SSH-2.0-OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: list_hostkey_types: 
ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: SSH2_MSG_KEXINIT sent
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: SSH2_MSG_KEXINIT received
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: kex: client->server 
aes128-ctr hmac-md5 none
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: kex: server->client 
aes128-ctr hmac-md5 none
Mar  7 17:01:39 smtp1 sshd[46204]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT
Mar  7 17:01:40 smtp1 kernel: pid 46204 (sshd), uid 0: exited on signal 11


Mar  7 17:02:01 smtp1 sshd[47350]: debug1: rexec start in 5 out 5 
newsock 5 pipe 7 sock 8
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: inetd sockets after dupping: 3, 3
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: res_init()
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: HPN Disabled: 0, HPN Buffer 
Size: 65536
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: Client protocol version 2.0; 
client software version OpenSSH_6.1_hpn13v11 FreeBSD-20120901
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: match: OpenSSH_6.1_hpn13v11 
FreeBSD-20120901 pat OpenSSH* compat 0x04000000
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: Enabling compatibility mode 
for protocol 2.0
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: Local version string 
SSH-2.0-OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: list_hostkey_types: 
ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: SSH2_MSG_KEXINIT sent
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: SSH2_MSG_KEXINIT received
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: kex: client->server 
aes128-ctr hmac-md5 none
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: kex: server->client 
aes128-ctr hmac-md5 none
Mar  7 17:02:01 smtp1 sshd[47350]: debug1: expecting SSH2_MSG_KEX_ECDH_INIT
Mar  7 17:02:01 smtp1 kernel: pid 47350 (sshd), uid 0: exited on signal 11


Mar  7 18:52:36 smtp1 sshd[1127]: debug1: rexec start in 5 out 5 newsock 
5 pipe 7 sock 8
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: inetd sockets after dupping: 3, 3
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: res_init()
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: HPN Disabled: 0, HPN Buffer 
Size: 65536
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: Client protocol version 2.0; 
client software version PuTTY_Release_0.60
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: no match: PuTTY_Release_0.60
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: Enabling compatibility mode 
for protocol 2.0
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: Local version string 
SSH-2.0-OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: list_hostkey_types: 
ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: SSH2_MSG_KEXINIT sent
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: SSH2_MSG_KEXINIT received
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: kex: client->server aes256-ctr 
hmac-sha1 none
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: kex: server->client aes256-ctr 
hmac-sha1 none
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: 
SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
Mar  7 18:52:36 smtp1 sshd[1127]: debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
Mar  7 18:52:36 smtp1 kernel: pid 1127 (sshd), uid 0: exited on signal 11

freebsd stable - Mar 2016 - svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man

svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man

[FreeBSD-Stable] svn commit: r296462 - in stable/9: crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/doc/apps crypto/openssl/ssl secure/usr.bin/openssl/man