Return to errata53.html CVS log | Up to [local] / www |
version 1.14, 2013/11/22 00:05:40 | version 1.15, 2013/11/30 21:02:22 | ||
---|---|---|---|
|
|
||
A memory corruption vulnerability exists in the post-authentication sshd process | A memory corruption vulnerability exists in the post-authentication sshd process | ||
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is | when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is | ||
selected during kex exchange. | selected during kex exchange. | ||
Review the <a href="http://www.openssh.org/txt/gcmrekey.adv">gcmrekey advisory</a> | Review the <a href="http://www.openssh.com/txt/gcmrekey.adv">gcmrekey advisory</a> | ||
for a mitigation. | for a mitigation. | ||
<br> | <br> |