HBSD: temporary fix / workaround for OpenSSH's CVE-2016-0777 · HardenedBSD/hardenedBSD-stable@831e468

Commit

HBSD: temporary fix / workaround for OpenSSH's CVE-2016-0777

List:       openbsd-tech
Subject:    Important SSH patch coming soon
From:       Theo de Raadt <deraadt () openbsd ! org>
Date:       2016-01-14 14:05:36
Message-ID: 29041.1452780336 () cvs ! openbsd ! org
[Download message RAW]

Important SSH patch coming soon.  For now, every on all operating
systems, please do the following:

Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no"
to prevent upcoming #openssh client bug CVE-2016-0777. More later.

https://www.marc.info/?l=openbsd-tech&m=145278077820529&w=2
http://undeadly.org/cgi?action=article&sid=20160114142733

Thanks-for-the-info: Hunger <hunger+hbsd@hunger.hu>
Signed-off-by: Oliver Pinter <oliver.pinter@hardenedbsd.org>

Loading branch information

opntr committed Jan 14, 2016

1 parent 4c9501e commit 831e468

crypto/openssh/ssh_config

-Original file line number
+Diff line change
@@ Expand Up / @@ -49,3 +49,4 @@ @@
     #   RekeyLimit 1G 1h
     #   VerifyHostKeyDNS yes
     #   VersionAddendum FreeBSD-20140420
+    UseRoaming no

0 comments on commit `831e468`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `831e468`

Commit

There are no files selected for viewing

0 comments on commit 831e468

0 comments on commit `831e468`