Bug#984940: CVE-2021-28041
Colin Watson
cjwatson at debian.org
Sat Mar 13 20:39:36 AEDT 2021
On Sat, Mar 13, 2021 at 02:55:48PM +1100, Darren Tucker wrote:
> On Sat, 13 Mar 2021 at 10:01, Colin Watson <cjwatson at debian.org> wrote:
> > This patch unfortunately doesn't apply terribly cleanly to OpenSSH
> > 8.4p1, [...]
> > If I understand the vulnerability correctly, then it seems to me that
> > the following shorter patch would fix it, and would run less risk of me
> > fouling something else up by backporting the refactoring wrongly:
>
> There's a patch against 8.4 here:
> https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/015_sshagent.patch.sig
>
> It has the first of the two changes in your diff. The second is
> harmless but unnecessary as it's on the exit path from the function
> and there can't be a following call to free.
Ah yes, indeed. I'll use that patch then.
Thanks,
--
Colin Watson (he/him) [cjwatson at debian.org]
More information about the openssh-unix-dev
mailing list