[Bug 3085] seccomp issue after upgrading openssl

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Thu Oct 31 13:54:46 AEDT 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=3085

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |djm at mindrot.org
             Blocks|                            |2988
           Severity|critical                    |major

--- Comment #3 from Damien Miller <djm at mindrot.org> ---
Please try -current, or cherry-pick this commit:

commit 3ef92a657444f172b61f92d5da66d94fa8265602
Author: Lonnie Abelbeck <lonnie at abelbeck.com>
Date:   Tue Oct 1 09:05:09 2019 -0500

    Deny (non-fatal) shmget/shmat/shmdt in preauth privsep child.

    New wait_random_seeded() function on OpenSSL 1.1.1d uses shmget,
shmat, and shmdt
    in the preauth codepath, deny (non-fatal) in seccomp_filter
sandbox.


Referenced Bugs:

https://bugzilla.mindrot.org/show_bug.cgi?id=2988
[Bug 2988] Tracking bug for 8.1 release
-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list