components/openssh/patches/049-kexinit_mem_exhaust.patch
author pkidd <patrick.kidd@oracle.com>
Thu, 01 Dec 2016 09:15:00 -0800
branchs11u3-sru
changeset 7423 a17eef087a5e
parent 7320 edeb951aa980
permissions -rw-r--r--
Added tag 0.175.3.15.0.4.0, S11.3SRU15.4 for changeset f2e0a2f2bfc0

#
# Unregister the KEXINIT handler after message has been received.
#
# CVE-2016-8858
#
# Patch source: upstream
# https://github.com/openssh/openssh-portable/commit/ec165c392ca54317dbe
#
# We will drop this patch when upgrading to OpenSSH 7.4 or later.
#
diff -pur old/kex.c new/kex.c
--- old/kex.c
+++ new/kex.c
@@ -517,6 +517,7 @@ kex_input_kexinit(int type, u_int32_t se
 	if (kex == NULL)
 		return SSH_ERR_INVALID_ARGUMENT;
 
+	ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
 	ptr = sshpkt_ptr(ssh, &dlen);
 	if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
 		return r;
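Review bot: The added `ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);` has no comment at the call site, so nothing in kex.c marks it as the fix for CVE-2016-8858 and a later cleanup could drop it as redundant. I would put this directly above it: `/* One KEXINIT per exchange: each is appended to kex->peer below, so a repeated one would keep growing the buffer. */`. The hunk does not show where the handler is registered again. Rekeying needs kex_input_kexinit back in the dispatch table, so it is worth confirming that this tree's kex.c restores it once the exchange completes. kex_input_kexinit begins and continues outside the hunk, so the error paths after the `sshbuf_put` call were not reviewed here.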