bugzilla-daemon at mindrot.org
2024-May-28 03:14 UTC
[Bug 3694] New: Which patch fixes the CanonicalizeHostname vulnerability?
https://bugzilla.mindrot.org/show_bug.cgi?id=3694 Bug ID: 3694 Summary: Which patch fixes the CanonicalizeHostname vulnerability? Product: Portable OpenSSH Version: -current Hardware: All OS: All Status: NEW Severity: security Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: rmsh1216 at 163.com As it is written in the security(https://www.openssh.com/security.html): February 2, 2023 ssh(1) in OpenSSH between and 6.5 and 9.1 (inclusive). ssh(1) failed to check DNS names returned from libc for validity. If the CanonicalizeHostname and CanonicalizePermittedCNAMEs options were enabled, and the system/libc resolver did not check that names in DNS responses were valid, then use of these options could allow an attacker with control of DNS to include invalid characters (possibly including wildcards) in names added to known_hosts files when they were updated. These names would still have to match the CanonicalizePermittedCNAMEs allow-list, so practical exploitation appears unlikely. This bug is corrected in OpenSSH 9.2. But I do not find the fix patch, please let me know, thanks a lot. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2024-May-28 08:10 UTC
[Bug 3694] Which patch fixes the CanonicalizeHostname vulnerability?
https://bugzilla.mindrot.org/show_bug.cgi?id=3694 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #1 from Damien Miller <djm at mindrot.org> --- It's this one: https://github.com/openssh/openssh-portable/commit/445363433ba20b8a3e655 -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.