Opened 6 years ago
Closed 5 years ago
#58047 closed defect (fixed)
openssh @7.6p1_6: CVE-2018-20685, CVE-2019-6109 and CVE-2019-6111
Reported by: | piru (Harry Sintonen) | Owned by: | Ionic (Mihai Moldovan) |
---|---|---|---|
Priority: | Normal | Milestone: | |
Component: | ports | Version: | 2.5.4 |
Keywords: | security | Cc: | |
Port: | openssh |
Description
CVE-2018-20685: https://anongit.mindrot.org/openssh.git/commit/?id=6010c0303a422a9c5fa8860c061bf7105eb7f8b2
CVE-2019-6109: https://anongit.mindrot.org/openssh.git/commit/?id=8976f1c4b2721c26e878151f52bdf346dfe2d54c
CVE-2019-6111: https://anongit.mindrot.org/openssh.git/commit/?id=391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
Change History (5)
comment:1 Changed 6 years ago by Schamschula (Marius Schamschula)
Keywords: | haspatch removed |
---|
comment:3 Changed 6 years ago by danielluke (Daniel J. Luke)
If the gsskex variant is the only thing holding the port back, we should just update it to the current version (which is 8.0p1 now) and put the gsskex in a different port (or drop it and let someone who is interested in it do the work of making it work for each release).
comment:4 Changed 5 years ago by Ionic (Mihai Moldovan)
Owner: | set to Ionic |
---|---|
Status: | new → accepted |
comment:5 Changed 5 years ago by Mihai Moldovan <ionic@…>
Resolution: | → fixed |
---|---|
Status: | accepted → closed |
Note: See
TracTickets for help on using
tickets.
The current version of
openssh
is 7.9p1. The blocker here is the+gsskex
variant, it is non-trivial to keep it up to date.