[Bug 1526357] Re: Fix broken handling of first_kex_follows clients
Ubuntu Foundations Team Bug Bot
1526357 at bugs.launchpad.net
Tue Dec 15 16:20:36 UTC 2015
The attachment "From http://cvsweb.openbsd.org/cgi-
bin/cvsweb/src/usr.bin/ssh/kex.c.diff?r1=1.114&r2=1.115" seems to be a
patch. If it isn't, please remove the "patch" flag from the attachment,
remove the "patch" tag, and if you are a member of the ~ubuntu-
reviewers, unsubscribe the team.
[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issues please contact him.]
** Tags added: patch
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1526357
Title:
Fix broken handling of first_kex_follows clients
Status in openssh package in Ubuntu:
Fix Committed
Bug description:
OpenSSH versions between 6.8 and 7.1 inclusive have a regression that
breaks connections from clients that use SSH first_kex_follows
feature. This affects connections from the Dropbear SSH client
(dbclient), they fail with "bad hostkey signature" or similar. It may
affect ssh.com clients too.
This has been fixed in upstream in the attached patch, it would be
worthwhile including in Xenial if it's going to ship with the current
OpenSSH 7.1. Upstream change 1.115 http://cvsweb.openbsd.org/cgi-
bin/cvsweb/src/usr.bin/ssh/kex.c
https://bugzilla.mindrot.org/show_bug.cgi?id=2515#c6 Comment 6 is the
upstream bug report (ignore the rest of the bug about new diffie-
hellman algorithms)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1526357/+subscriptions
More information about the foundations-bugs
mailing list