From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on finch.gentoo.org X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=DMARC_NONE, FSL_HELO_NON_FQDN_1,HELO_NO_DOMAIN,MAILING_LIST_MULTI,NICE_REPLY_A, RDNS_DYNAMIC autolearn=unavailable autolearn_force=no version=4.0.0 Received: from poseidon (a81065.upc-a.chello.nl [62.163.81.65]) by chiba.3jane.net (Postfix) with ESMTP id 4E9022015DD0 for ; Thu, 7 Mar 2002 11:53:54 -0600 (CST) Received: from zeus ([192.168.0.2] helo=zeus.mine.nu) by poseidon with smtp (Exim 3.34 #1 (Debian)) id 16j2Fg-00005R-00 for ; Thu, 07 Mar 2002 19:04:28 +0100 Date: Thu, 7 Mar 2002 18:50:32 +0100 From: Ferry Meyndert To: gentoo-dev@gentoo.org Subject: Re: [gentoo-dev] OpenSSH Security Fix. Message-Id: <20020307185032.5359836c.m0rpheus@gentoo.org> In-Reply-To: <3C87C7E7.9040407@cdavies.org> References: <1015438682.30336.9.camel@katios.nolabel.net> <20020306203417.46DFD33B3B@cismrelais.univ-lyon1.fr> <1015460426.12140.19.camel@katios.nolabel.net> <1015460618.12461.23.camel@katios.nolabel.net> <3C87C7E7.9040407@cdavies.org> Organization: Gentoo X-Mailer: Sylpheed version 0.7.2 (GTK+ 1.2.10; i686-pc-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: gentoo-dev-admin@gentoo.org Errors-To: gentoo-dev-admin@gentoo.org X-BeenThere: gentoo-dev@gentoo.org X-Mailman-Version: 2.0.6 Precedence: bulk Reply-To: gentoo-dev@gentoo.org List-Help: List-Post: List-Subscribe: , List-Id: Gentoo Linux developer list List-Unsubscribe: , List-Archive: X-Archives-Salt: cce8a9b2-16ad-4106-9940-68aa00bf9ee8 X-Archives-Hash: d90f5b6830fb42846f3ed684e0bea491 Its allready fixed in gentoo here is a copy of the anouncement send to the anouncement list. - -------------------------------------------------------------------------- GENTOO LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE :openssh SUMMARY :vulnerable to a off-by-one error in the channel code DATE :2002-04-7 18:02:00 - -------------------------------------------------------------------------- OVERVIEW A bug exists in the channel code of OpenSSH versions 2.0 - 3.0.2 Users with an existing user account can abuse this bug to gain root privileges. Exploitability without an existing user account has not been proven but is not considered impossible. A malicious ssh server could also use this bug to exploit a connecting vulnerable client. DETAIL http://www.pine.nl/advisories/pine-cert-20020301.txt SOLUTION It is recommended that all openssh users apply the update Portage Auto: emerge rsync emerge update emerge update --world Portage by hand: emerge rsync emerge net-misc/openssh Manually: Download the new openssh package here and follow in file instructions: ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.1p1.tar.gz - -------------------------------------------------------------------------- Ferry Meyndert m0rpheus@gentoo.org - -------------------------------------------------------------------------- On Thu, 07 Mar 2002 20:04:55 +0000 Chris Davies wrote: > Hi, > > I haven't seen anything in bugs or this list about this, so here is the > news: > CERT have issued an advisory about OpenSSH, the bug in question enables > existing users to gain root privelidges. > The advisory is here: http://www.pine.nl/advisories/pine-cert-20020301.txt > The fix is to upgrade to the latest OpenSSH (3.1p1) ASAP. > May I politely suggest that a new ebuild be constructed post-haste? :) > Anyway, for those at risk, I have constructed an emergency ebuild and > digest file, so you may upgrade immediately. > The files can be found here: http://www.cdavies.org/gentoo/ > > Put the digest file in /usr/portage/net-misc/openssh/files and the > ebuild in /usr/portage/net-misc/openssh and rerun emerge openssh. > > If anyone thinks it is worthwhile, I will also post this message to the > gentoo users list, but at present I'm not going to do that. > Thanks, > C.Davies > (c.davies@cdavies.org) > > > _______________________________________________ > gentoo-dev mailing list > gentoo-dev@gentoo.org > http://lists.gentoo.org/mailman/listinfo/gentoo-dev