Author: delphij Date: Wed Nov 2 06:58:47 2016 New Revision: 308199 URL: https://svnweb.freebsd.org/changeset/base/308199
Log: MFC r308197: MFV r308196: Fix OpenSSH remote Denial of Service vulnerability. Security: CVE-2016-8858 Modified: stable/10/crypto/openssh/kex.c Directory Properties: stable/10/ (props changed) Modified: stable/10/crypto/openssh/kex.c ============================================================================== --- stable/10/crypto/openssh/kex.c Wed Nov 2 06:56:35 2016 (r308198) +++ stable/10/crypto/openssh/kex.c Wed Nov 2 06:58:47 2016 (r308199) @@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se if (kex == NULL) return SSH_ERR_INVALID_ARGUMENT; + ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL); ptr = sshpkt_ptr(ssh, &dlen); if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0) return r; _______________________________________________ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"