openssh unix dev - Dec 2016 - Need Help to Fix CVE-2016-6210

Hi All,

Actually I am working with the OpenSSH version 6.2p which is vulnerable to
above mentioned vulnerabilities (CVE-2016-6210).

So am looking for some help how I can fix these vulnerabilities in my
version. I need to fix it in the OpenSSH code.

Regards
Abhishek

See
https://anongit.mindrot.org/openssh.git/commit/?id=283b97ff33ea2c641161950849931bd578de6946
and
https://anongit.mindrot.org/openssh.git/commit/?id=9286875a73b2de7736b5e50692739d314cd8d9dc

On Tue, Dec 20, 2016 at 6:00 PM, abhi dhiman <abhi.dhiman83 at gmail.com>
wrote:
> Hi All,
>
> Actually I am working with the OpenSSH version 6.2p which is vulnerable to
> above mentioned vulnerabilities (CVE-2016-6210).
>
> So am looking for some help how I can fix these vulnerabilities in my
> version. I need to fix it in the OpenSSH code.
>
> Regards
> Abhishek
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

On Tue, Dec 20, 2016 at 6:11 PM, Darren Tucker <dtucker at zip.com.au>
wrote:
> See
https://anongit.mindrot.org/openssh.git/commit/?id=283b97ff33ea2c641161950849931bd578de6946
> and
https://anongit.mindrot.org/openssh.git/commit/?id=9286875a73b2de7736b5e50692739d314cd8d9dc
Also
https://anongit.mindrot.org/openssh.git/commit/?id=dbf788b4d9d9490a5fff08a7b09888272bb10fcc
if it's possible that your root accounts do not have valid password
strings.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.