openssh: Fix pre-authentication remote code execution in sshd.

Reported by: Qualys Threat Research Unit (TRU) Approved by: so Security: FreeBSD-SA-24:04.openssh Security: CVE-2024-6387 (cherry picked from commit 2abea9df01) (cherry picked from commit 620a6a54bb)
2026-06-04 06:15:33 -04:00 · 2024-07-01 16:20:01 +08:00 · 2024-07-01 16:20:01 +08:00 · 007d9fa5c0
commit 007d9fa5c0
parent 4d53a6b7a4
2 changed files with 3 additions and 1 deletions
--- a/crypto/openssh/log.c
+++ b/crypto/openssh/log.c
@ -451,12 +451,14 @@ void
 sshsigdie(const char *file, const char *func, int line, int showfunc,
    LogLevel level, const char *suffix, const char *fmt, ...)
 {
+#if 0
 	va_list args;

 	va_start(args, fmt);
 	sshlogv(file, func, line, showfunc, SYSLOG_LEVEL_FATAL,
 	    suffix, fmt, args);
 	va_end(args);
+#endif
 	_exit(1);
 }

--- a/crypto/openssh/version.h
+++ b/crypto/openssh/version.h
@ -5,4 +5,4 @@
 #define SSH_PORTABLE	"p1"
 #define SSH_RELEASE	SSH_VERSION SSH_PORTABLE

-#define SSH_VERSION_FREEBSD	"FreeBSD-20240318"
+#define SSH_VERSION_FREEBSD	"FreeBSD-20240701"