| version 1.4, 2013/11/08 03:35:20 |
version 1.5, 2013/11/08 04:01:40 |
|
|
| |
|
| <li><a name="002_sshgcm"></a> |
<li><a name="002_sshgcm"></a> |
| <font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> <i>All architectures</i><br> |
<font color="#009000"><strong>002: SECURITY FIX: Nov 7, 2013</strong></font> <i>All architectures</i><br> |
| A memory corruption vulnerability exists in the post- |
A memory corruption vulnerability exists in the post-authentication sshd process |
| authentication sshd process when an AES-GCM cipher |
when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is |
| (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is |
|
| selected during kex exchange. |
selected during kex exchange. |
| Review the <a href="http://www.openssh.org/txt/gcmrekey.adv">gcmrekey advisory</a> |
Review the <a href="http://www.openssh.org/txt/gcmrekey.adv">gcmrekey advisory</a> |
| for a mitigation. |
for a mitigation. |
![[BACK]](/icons/back.gif){kind=icon}
Return to errata54.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www