From owner-doc-jp-work@jp.FreeBSD.org Sat Mar  9 17:18:16 2002
Received: (from daemon@localhost)
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) id g298IG525149;
	Sat, 9 Mar 2002 17:18:16 +0900 (JST)
	(envelope-from owner-doc-jp-work@jp.FreeBSD.org)
Received: from eos.ocn.ne.jp (eos.ocn.ne.jp [210.190.142.171])
	by castle.jp.FreeBSD.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g298IGP25144
	for <doc-jp-work@jp.FreeBSD.org>; Sat, 9 Mar 2002 17:18:16 +0900 (JST)
	(envelope-from hrs@eos.ocn.ne.jp)
Received: from mail.hrslab.yi.org (p2226-adsah09hon-acca.tokyo.ocn.ne.jp [218.43.28.226])
	by eos.ocn.ne.jp (OCN) with ESMTP id RAA01958
	for <doc-jp-work@jp.FreeBSD.org>; Sat, 9 Mar 2002 17:18:15 +0900 (JST)
Received: from localhost (alph.hrslab.yi.org [192.168.0.10])
	by mail.hrslab.yi.org (8.9.3/3.7W/DomainMaster) with ESMTP id RAA79407
	for <doc-jp-work@jp.FreeBSD.org>; Sat, 9 Mar 2002 17:17:26 +0900 (JST)
	(envelope-from hrs@eos.ocn.ne.jp)
Date: Sat, 09 Mar 2002 17:16:44 +0900 (JST)
Message-Id: <20020309.171644.28788824.hrs@eos.ocn.ne.jp>
To: doc-jp-work@jp.FreeBSD.org
From: Hiroki Sato <hrs@eos.ocn.ne.jp>
In-Reply-To: <20020308.110818.21359114.y-koga@jp.FreeBSD.org>
	<20020307.121224.81925309.hino@ccrl.sj.nec.com>
References: <200203071459.g27ExnB68056@freefall.freebsd.org>
	<20020308.040725.85412228.hrs@eos.ocn.ne.jp>
	<20020308.110818.21359114.y-koga@jp.FreeBSD.org>
X-Mailer: Mew version 2.1 on Emacs 20.7 / Mule 4.0 (HANANOEN)
Mime-Version: 1.0
Content-Type: Multipart/Mixed;
 boundary="--Next_Part(Sat_Mar__9_17:16:44_2002_639)--"
Content-Transfer-Encoding: 7bit
Reply-To: doc-jp-work@jp.FreeBSD.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+011218
X-Sequence: doc-jp-work 294
Subject: [doc-jp-work 294] Re: ANNOUNCE: FreeBSD Security Advisory
 FreeBSD-SA-02:13.openssh
Errors-To: owner-doc-jp-work@jp.FreeBSD.org
Sender: owner-doc-jp-work@jp.FreeBSD.org
X-Originator: hrs@eos.ocn.ne.jp

----Next_Part(Sat_Mar__9_17:16:44_2002_639)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

$B:4F#!wEl5~M}2JBg3X$G$9!#(B

 $B$I$&$b$G$9!#F|Ln$5$s$H$3$,$5$s$N;XE&$rH?1G$7$?(B
 02:13 $B=$@5HG$G$9!#(B

Koji Hino <hino@ccrl.sj.nec.com> wrote
  in <20020307.121224.81925309.hino@ccrl.sj.nec.com>:

hino> $B$&$&$`!"$=$&$$$($P(Boff by one error$B$NLu8l$C$F$_$?$3$H$J$$$h$&$J!D(B
hino> $B!V0l$D0c$$!W$@$H!"4V0c$C$F$$$k$H$3$m$,0l%+=j$"$k!"$_$?$$$J8l46$G$9$M!D(B
hino> $B!V0l$D$:$l!W!V0l$:$l!W!D$3$l$b$$$^$$$A!D(B

 FreeBSD-SA $B$G$O(B 00:63 $B$K=i=P!"(B01:66, 02:13 $B$H(B off-by-one $B$,=P$F$-$F$$$^$9!#(B
 $B<+J,$G$b!V0l8D$:$l!W$H$+$$$/$D$+$N%Q%?!<%s$r9M$($?$N$G$9$,!"(B
 $B0lHV:G=i$K!V0l$D0c$$!W$H$7$F$7$^$C$?$N$G!"$=$l$r$R$-$:$C$F$$$^$9!#(B

 $BB>$NJ}$b$I$&$G$7$g$&(B?  $B:#$NLu$K<9Ce$O$J$$$N$G!"(B
 $B!V$3$l$,NI$5$=$&!W$H$$$&0U8+$,$"$l$P$*4j$$$7$^$9!#(B

hino> $B!V(Bmalloc$B$N4IM}NN0h!W!V(Bmalloc$B$,4IM}$9$kNN0h!W!V(Bmalloc$B$N>80.NN0h!W$J$I$N(B
hino> $B$[$&$,LuCm$rF~$l$J$/$F$bD>46E*$KJ,$+$k$h$&$J5$$,$7$^$9!#(B

 $BLuCm$rMn$7$^$7$?!#(B

--
| $B:4F#(B $B9-@8!wEl5~M}2JBg3X(B <hrs@eos.ocn.ne.jp>
|                         <hrs@FreeBSD.org> (FreeBSD Project)

----Next_Part(Sat_Mar__9_17:16:44_2002_639)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

Index: 02:13
===================================================================
RCS file: /home/cvs/private/hrs/announce-jp/FreeBSD-SA/02:13,v
retrieving revision 1.1
diff -d -u -I\$FreeBSD:.*\$ -I\$Id:.*\$ -I\$hrs:.*\$ -r1.1 02:13
--- 02:13	7 Mar 2002 19:03:31 -0000	1.1
+++ 02:13	8 Mar 2002 16:46:25 -0000
@@ -65,8 +65,7 @@
 $B$=$NB>$N%M%C%H%o!<%/%l%Y%k$N967b$r8z2LE*$KL5NO2=$7$^$9!#(B
 $B$^$?(B OpenSSH $B$K$O!"?tB?$/$N%;%-%e%"$J%H%s%M%k$r:n@.$9$k5!G=!"(B
 $BK-IY$JG'>ZJ}K!$X$NBP1~$H$$$C$?FCD'$,$"$j$^$9!#(B
-$B%/%i%$%"%s%H%"%W%j%1!<%7%g%s$O(B `ssh'$B!"%5!<%P$O(B `sshd' $B$H(B
-$B8F$P$l$F$$$^$9!#(B 
+`ssh' $B$,%/%i%$%"%s%H%"%W%j%1!<%7%g%s$G!"(B`sshd' $B$,%5!<%P$G$9!#(B
 
 
 II.  $BLdBj$N>\:Y(B - Problem Description
@@ -78,8 +77,8 @@
 be able to influence the contents of the memory so referenced.
 
 OpenSSH $B$O(B X11 $B$d(B TCP, $B%(!<%8%'%s%H$NE>Aw$r<BAu$9$k$?$a!"(B
-$BC10l$N(B TCP $B@\B3$KBP$7$FJ#?t$N!V%A%c%M%k(B (channels)$B!W$rB?=E2=$7$^$9!#(B
-$B$7$+$7!"$3$N%A%c%M%k$r4IM}$9$k%3!<%I$K$O0l$D0c$$(B (off-by-one) $B%(%i!<$,(B
+$BC10l$N(B TCP $B@\B3>e$GJ#?t$N!V%A%c%M%k(B (channels)$B!W$rB?=E2=$7$^$9!#(B
+$B$3$N%A%c%M%k$r4IM}$9$k%3!<%I$K$O0l$D0c$$(B (off-by-one) $B%(%i!<$,(B
 $B4^$^$l$F$*$j!"%A%c%M%kMQ$K3NJ]$5$l$?%a%b%j$G$O$J$$>l=j$r;2>H$9$k(B
 $B2DG=@-$,$"$j$^$9!#$D$^$j!"0-0U$r;}$C$?%/%i%$%"%s%H!"$b$7$/$O(B
 $B%5!<%P$+$i!"$=$N;2>H2DG=$J%a%b%j$NFbMF$rA`:n$G$-$k2DG=@-$,$"$j$^$9!#(B
@@ -114,14 +113,10 @@
    details of exploiting this bug, configuring malloc to junk memory
    will thwart the attack.
 
-   FreeBSD $B$N(B malloc $B<BAu$G$O!"(Bmalloc $B%"%j!<%J$KJV$5$l$k%a%b%j$r(B
+   FreeBSD $B$N(B malloc $B$N<BAu$G$O!"(Bmalloc $B4IM}NN0h(B (malloc arena) $B$KJV$5$l$k%a%b%j$r(B
    $B>e=q$-!"$b$7$/$O$=$NFbMF$rGK4~$9$k$h$&$K@_Dj$9$k$3$H$,2DG=$G$9!#(B
    $B:#2s$N%P%0$r0-MQ$9$k>l9g$O$3$NItJ,$rMxMQ$9$k$?$a!"%a%b%jFbMF$r(B
    $BGK4~$9$k$h$&$K(B malloc $B$r@_Dj$9$k$3$H$G!"967b$KBP93$9$k$3$H$,$G$-$^$9!#(B
-
-    == $BLuCm(B: malloc $B%"%j!<%J(B (malloc arena) $B$H$O!"(Bbrk(2) $B$d(B sbrk(2) $B$K$h$C$F(B
-    ==       $B%W%m%;%9$K3d$jEv$F$i$l!"(Bmalloc(3) $B$K$h$C$F;HMQ$5$l$k(B
-    ==       $B%a%b%j6u4V$N$3$H$G$9!#(B
 
    To configure a FreeBSD system to junk memory, execute the following
    commands as root:

----Next_Part(Sat_Mar__9_17:16:44_2002_639)--
Content-Type: Text/Plain; charset=iso-2022-jp
Content-Transfer-Encoding: 7bit

FreeBSD $B%;%-%e%j%F%#4+9p(B $BF|K\8lHG(B
=============================================================================
FreeBSD-SA-02:13 (2002-03-07)
 * OpenSSH contains exploitable off-by-one bug
=============================================================================

 $B$3$N%a!<%k$O(B, announce-jp $B$KN.$l$?(B

  Subject: ANNOUNCE: FreeBSD Security Advisory FreeBSD-SA-02:13.openssh
  From: FreeBSD Security Advisories <security-advisories@FreeBSD.org>
  Date: Thu, 7 Mar 2002 06:59:49 -0800 (PST)
  Message-Id: <200203071459.g27ExnB68056@freefall.freebsd.org>
  X-Sequence: announce-jp 943

 $B$rF|K\8lLu$7$?$b$N$G$9(B. 

 $B86J8$O(B PGP $B=pL>$5$l$F$$$^$9$,(B, $B$3$NF|K\8lLu$O(B PGP $B=pL>$5$l$F$$$^$;$s(B. 
 $B=$@5%Q%C%AEy$NFbMF$,2~$6$s$5$l$F$$$J$$$3$H$r3NG'$9$k$?$a$K(B PGP $B=pL>$N(B
 $B%A%'%C%/$r9T$J$&$K$O(B, $B86J8$r;2>H$7$F$/$@$5$$(B. 

 $BF|K\8lLu$*$h$S(B, $B%_%i!<%5%$%HMxMQ$N>\:Y$K$D$$$F$O(B, $BJ8Kv$N!V(BA. FreeBSD
 $B%;%-%e%j%F%#4+9p(B $BF|K\8lHG$K$D$$$F!W$r$4Mw$/$@$5$$(B.


                                     [$BK]Lu<T(B: $B:4F#(B $B9-@8(B <hrs@jp.FreeBSD.org>]
--($B$3$3$+$i(B)

=============================================================================
FreeBSD-SA-02:13                                            Security Advisory
                                                                FreeBSD, Inc.

$B%H%T%C%/(B:	OpenSSH $B$K4^$^$l$k0-MQ2DG=$J!V0l$D0c$$!W%P%0$NLdBj(B
		(OpenSSH contains exploitable off-by-one bug)
$BJ,N`(B:		core, ports
$B%b%8%e!<%k(B:	openssh, ports_openssh, openssh-portable
$B9pCNF|(B:		2002-03-07
$B%/%l%8%C%H(B:	Joost Pol <joost@pine.nl>
$B1F6AHO0O(B:	FreeBSD 4.4-RELEASE, 4.5-RELEASE
		$B=$@5F|$h$jA0$N(B FreeBSD 4.5-STABLE
		openssh-3.0.2_1 $B$h$jA0$N%P!<%8%g%s$N(B openssh port 
		openssh-portable-3.0.2p1_1 $B$h$jA0$N%P!<%8%g%s$N(B
		openssh-portable port 
$B=$@5F|(B:		2002-03-06 13:57:54 UTC (RELENG_4)
		2002-03-07 14:40:56 UTC (RELENG_4_5)
		2002-03-07 14:40:07 UTC (RELENG_4_4)
		2002-03-06 13:53:38 UTC (ports/security/openssh)
		2002-03-06 13:53:39 UTC (ports/security/openssh-portable)
CVE:		CAN-2002-0083
FreeBSD $B$K8GM-$+(B:	NO


I.   $BGX7J(B - Background

OpenSSH is a free version of the SSH protocol suite of network
connectivity tools.  OpenSSH encrypts all traffic (including
passwords) to effectively eliminate eavesdropping, connection
hijacking, and other network-level attacks. Additionally, OpenSSH
provides a myriad of secure tunneling capabilities, as well as a
variety of authentication methods. `ssh' is the client application,
while `sshd' is the server.

OpenSSH $B$O(B SSH $B%W%m%H%3%k72$r;H$C$?!"%U%j!<$GMxMQ$G$-$k(B
$B%M%C%H%o!<%/@\B3MQ%D!<%k$G$9!#(BOpenSSH $B$O(B ($B%Q%9%o!<%I$r4^$`(B)
$B$9$Y$F$N%H%i%U%#%C%/$r0E9f2=$9$k$3$H$G!"EpD0$d@\B3$N>h$C<h$j!"(B
$B$=$NB>$N%M%C%H%o!<%/%l%Y%k$N967b$r8z2LE*$KL5NO2=$7$^$9!#(B
$B$^$?(B OpenSSH $B$K$O!"?tB?$/$N%;%-%e%"$J%H%s%M%k$r:n@.$9$k5!G=!"(B
$BK-IY$JG'>ZJ}K!$X$NBP1~$H$$$C$?FCD'$,$"$j$^$9!#(B
`ssh' $B$,%/%i%$%"%s%H%"%W%j%1!<%7%g%s$G!"(B`sshd' $B$,%5!<%P$G$9!#(B


II.  $BLdBj$N>\:Y(B - Problem Description

OpenSSH multiplexes `channels' over a single TCP connection in order
to implement X11, TCP, and agent forwarding.  An off-by-one error in
the code which manages channels can result in a reference to memory
beyond that allocated for channels.  A malicious client or server may
be able to influence the contents of the memory so referenced.

OpenSSH $B$O(B X11 $B$d(B TCP, $B%(!<%8%'%s%H$NE>Aw$r<BAu$9$k$?$a!"(B
$BC10l$N(B TCP $B@\B3>e$GJ#?t$N!V%A%c%M%k(B (channels)$B!W$rB?=E2=$7$^$9!#(B
$B$3$N%A%c%M%k$r4IM}$9$k%3!<%I$K$O0l$D0c$$(B (off-by-one) $B%(%i!<$,(B
$B4^$^$l$F$*$j!"%A%c%M%kMQ$K3NJ]$5$l$?%a%b%j$G$O$J$$>l=j$r;2>H$9$k(B
$B2DG=@-$,$"$j$^$9!#$D$^$j!"0-0U$r;}$C$?%/%i%$%"%s%H!"$b$7$/$O(B
$B%5!<%P$+$i!"$=$N;2>H2DG=$J%a%b%j$NFbMF$rA`:n$G$-$k2DG=@-$,$"$j$^$9!#(B


III. $B1F6AHO0O(B - Impact

An authorized remote user (i.e. a user that can successfully
authenticate on the target system) may be able to cause sshd to
execute arbitrary code with superuser privileges.

$BG'>Z$5$l$?%j%b!<%H%f!<%6(B ($B@\B3BP>]$N%7%9%F%`$K$*$$$F@5$7$/G'>Z$r(B
$B<u$1$?%f!<%6(B) $B$O!"(Bsshd $B$r0-MQ$7!"%9!<%Q%f!<%6$N8"8B$GG$0U$N%3!<%I$r(B
$B<B9T$G$-$k2DG=@-$,$"$j$^$9!#(B

A malicious server may be able to cause a connecting ssh client to
execute arbitrary code with the privileges of the client user.

$B0-0U$r;}$C$?%5!<%P$O!"@\B3$7$F$$$k(B ssh $B%/%i%$%"%s%H$rMxMQ$7$F!"(B
$B$=$N%/%i%$%"%s%H$N%f!<%68"8B$GG$0U$N%3!<%I$r<B9T$9$k$3$H$,$G$-$k(B
$B2DG=@-$,$"$j$^$9!#(B


IV.  $B2sHrJ}K!(B - Workaround

Do one of the following:

$B<!$N$$$:$l$+$K=>$C$F$/$@$5$$!#(B

1) The FreeBSD malloc implementation can be configured to overwrite
   or `junk' memory that is returned to the malloc arena.  Due to the
   details of exploiting this bug, configuring malloc to junk memory
   will thwart the attack.

   FreeBSD $B$N(B malloc $B$N<BAu$G$O!"(Bmalloc $B4IM}NN0h(B (malloc arena) $B$KJV$5$l$k%a%b%j$r(B
   $B>e=q$-!"$b$7$/$O$=$NFbMF$rGK4~$9$k$h$&$K@_Dj$9$k$3$H$,2DG=$G$9!#(B
   $B:#2s$N%P%0$r0-MQ$9$k>l9g$O$3$NItJ,$rMxMQ$9$k$?$a!"%a%b%jFbMF$r(B
   $BGK4~$9$k$h$&$K(B malloc $B$r@_Dj$9$k$3$H$G!"967b$KBP93$9$k$3$H$,$G$-$^$9!#(B

   To configure a FreeBSD system to junk memory, execute the following
   commands as root:

   FreeBSD $B%7%9%F%`$G%a%b%jFbMF$rGK4~$9$k$h$&$K@_Dj$9$k$K$O!"(B
   root $B8"8B$G<!$N%3%^%s%I$r<B9T$7$^$9!#(B

   # ln -fs J /etc/malloc.conf

   Note that this option will degrade system performance.  See the
   malloc(3) man page for full details on malloc options.

   $B$?$@$7!"$3$NJ}K!$O%7%9%F%`$N@-G=$r0-2=$5$;$^$9!#(Bmalloc $B$N(B
   $B%*%W%7%g%s4X$9$k40A4$J>\:Y$O!"(Bmalloc(3) $B$N%^%K%e%"%k%Z!<%8$r(B
   $B;2>H$7$F$/$@$5$$!#(B

2) Disable the base system sshd by executing the following command as
   root:

   root $B8"8B$G<!$N%3%^%s%I$r<B9T$7!"%Y!<%9%7%9%F%`$N(B sshd $B$rDd;_$5$;$^$9!#(B

   # kill `cat /var/run/sshd.pid`

   Be sure that sshd is not restarted when the system is restarted
   by adding the following line to the end of /etc/rc.conf:

   $B%7%9%F%`$,:F5/F0$7$?:]$K(B sshd $B$,:F5/F0$7$J$$$h$&$K!"(B/etc/rc.conf $B$N(B
   $B:G8e$K<!$N9T$rDI2C$7$^$9!#(B

   sshd_enable="NO"

   AND
   $B$=$l$i$K2C$(!"(B*$B$5$i$K(B*

   Deinstall the openssh or openssh-portable ports if you have one of
   them installed.

   openssh $B$b$7$/$O(B openssh-portable $B$N(B port $B$,%$%s%9%H!<%k(B
   $B$5$l$F$$$k>l9g$O!"$=$l$i$r:o=|$7$F$/$@$5$$!#(B


V.   $B2r7h:v(B - Solution

Do one of the following:
$B<!$N$$$:$l$+$K=>$C$F$/$@$5$$!#(B

[For OpenSSH included in the base system]
[$B%Y!<%9%7%9%F%`$K4^$^$l$F$$$k(B OpenSSH $B$N>l9g(B]

1) Upgrade the vulnerable system to 4.4-RELEASEp9, 4.5-RELEASEp2,
   or 4.5-STABLE after the correction date and rebuild.
1) $B<eE@$r;}$C$?%7%9%F%`$r(B 4.4-RELEASEp9, 4.5-RELEASEp2, $B$"$k$$$O(B
   $B=$@5F|0J9_$N(B 4.5-STABLE $B$K99?7$7!"%7%9%F%`$r:F9=C[$7$^$9!#(B

2) $B=$@5F|$h$jA0$N(B FreeBSD 4.x $B%7%9%F%`$N>l9g(B:

The following patch has been verified to apply to FreeBSD 4.4-RELEASE,
4.5-RELEASE, and 4.5-STABLE dated prior to the correction date.  It
may or may not apply to older, unsupported versions of FreeBSD.

$B<!$N=$@5%Q%C%A$O(B FreeBSD 4.4-RELEASE, 4.5-RELEASE $B$*$h$S!"(B
$B=$@5F|$h$jA0$N(B 4.5-STABLE $B$KBP$7$FE,MQ2DG=$J$3$H$,3NG'$5$l$F$$$k$b$N$G$9!#(B
$B$=$l$h$j$b8E$$%j%j!<%9$d!"%5%]!<%H$5$l$F$$$J$$(B FreeBSD $B%j%j!<%9$K(B
$BBP$7$F$O!"$3$l$i$N=$@5%Q%C%A$,@5$7$/E,MQ$G$-$J$$2DG=@-$,$"$j$^$9!#(B

Download the patch and the detached PGP signature from the following
locations, and verify the signature using your PGP utility.

$B=$@5%Q%C%A$H(B PGP $B=pL>$r<!$N>l=j$+$i%@%&%s%m!<%I$7$F!"(B
PGP $B%f!<%F%#%j%F%#$r;H$C$F(B PGP $B=pL>$r3NG'$7$^$9!#(B

# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch
# fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-02:13/openssh.patch.asc

Execute the following commands as root:
$B$=$7$F(B root $B8"8B$G0J2<$N%3%^%s%I$r<B9T$7$^$9!#(B

# cd /usr/src
# patch < /path/to/sshd.patch
# cd /usr/src/secure/lib/libssh
# make depend && make all
# cd /usr/src/secure/usr.sbin/sshd
# make depend && make all install
# cd /usr/src/secure/usr.bin/ssh
# make depend && make all install

[For the OpenSSH ports]
[OpenSSH $B$N(B port $B$N>l9g(B]

$B<!$N$$$:$l$+$K=>$C$F$/$@$5$$!#(B

1) Upgrade your entire ports collection and rebuild the OpenSSH port.
1) Ports Collection $BA4BN$r%"%C%W%0%l!<%I$7(B OpenSSH $B$N(B port $B$r:F9=C[$9$k!#(B

2) Deinstall the old package and install a new package obtained from
the following directory:
2) $B8E$$(B ($BLuCm(B: OpenSSH $B$N(B) package $B$r%7%9%F%`$+$i:o=|$7!"(B
   $B=$@5F|0J9_$K:n@.$5$l$??7$7$$(B package $B$r0J2<$N>l=j$+$i(B
   $B<hF@$7$F%$%s%9%H!<%k$9$k!#(B

[i386]
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/security/

[other platforms]
Packages are not automatically generated for other platforms at this
time due to lack of build resources.
[$B$=$NB>$N%W%i%C%H%U%)!<%`(B]
$B8=;~E@$G$O$=$NB>$N%"!<%-%F%/%A%cMQ$N(B package $B$O<+F0@8@.$5$l$F$$$^$;$s!#(B
$B$3$l$O!"9=C[$N$?$a$N%^%7%s%j%=!<%9$,ITB-$7$F$$$k$?$a$G$9!#(B

3) Download a new port skeleton for the openssh or openssh-portable
port from:
3) openssh $B$"$k$$$O(B openssh-portable $B$N?7$7$$(B port $B%9%1%k%H%s$r(B
   $B0J2<$N>l=j$+$i%@%&%s%m!<%I$7!"$=$l$r;H$C$F(B port $B$r:F9=C[$9$k!#(B

http://www.freebsd.org/ports/

and use it to rebuild the port.

4) Use the portcheckout utility to automate option (3) above. The
portcheckout port is available in /usr/ports/devel/portcheckout or the
package can be obtained from:
4) $B>e5-(B (3) $B$NA`:n$r<+F0E*$K9T$J$&(B portcheckout $B%f!<%F%#%j%F%#$r;H$&!#(B
   portcheckout $B$N(B port $B$O(B /usr/ports/devel/portcheckout $B$K$"$j$^$9!#(B
   $B$^$?!"(Bportcheckout $B$N(B package $B$,0J2<$N>l=j$+$iF~<j2DG=$G$9!#(B

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-4-stable/Latest/portcheckout.tgz
ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/Latest/portcheckout.tgz


VI.  $B=$@5$N>\:Y(B - Correction details

The following list contains the revision numbers of each file that was
corrected in the FreeBSD ports collection.

$B<!$NI=$O!":#2s=$@5$5$l$?(B FreeBSD Ports Collection $B$K4^$^$l$k(B
$B3F%U%!%$%k$N%j%S%8%g%sHV9f$G$9(B.

Path                                                             Revision
$B%Q%9L>(B                                                          $B%j%S%8%g%s(B
  Branch
  $B%V%i%s%A(B
- -------------------------------------------------------------------------
[Base system]
[$B%Y!<%9%7%9%F%`(B]
src/crypto/openssh/channels.c
  HEAD                                                                1.8
  RELENG_4                                                    1.1.1.1.2.6
  RELENG_4_5                                              1.1.1.1.2.5.2.1
  RELENG_4_4                                              1.1.1.1.2.4.4.1
src/crypto/openssh/version.h
  HEAD                                                               1.10
  RELENG_4                                                    1.1.1.1.2.8
  RELENG_4_5                                              1.1.1.1.2.7.2.1
  RELENG_4_4                                              1.1.1.1.2.5.2.2
src/sys/conf/newvers.sh
  RELENG_4_5                                                1.44.2.20.2.3
  RELENG_4_4                                                1.44.2.17.2.8

[Ports]
ports/security/openssh/Makefile                                      1.81
ports/security/openssh/files/patch-channels.c                         1.1
ports/security/openssh-portable/Makefile                             1.21
ports/security/openssh-portable/files/patch-channels.c                1.1
- -------------------------------------------------------------------------

Branch                       Version string
$B%V%i%s%A(B                     $B%P!<%8%g%sJ8;zNs(B
- -------------------------------------------------------------------------
HEAD                         OpenSSH_2.9 FreeBSD localisations 20020307
RELENG_4                     OpenSSH_2.9 FreeBSD localisations 20020307
RELENG_4_5                   OpenSSH_2.9 FreeBSD localisations 20020307
RELENG_4_4                   OpenSSH_2.3.0 FreeBSD localisations 20020307
- -------------------------------------------------------------------------

To view the version string of the OpenSSH server, execute the
following command:
sshd $B%5!<%P$N%P!<%8%g%sJ8;zNs$rI=<($9$k$K$O!"<!$N%3%^%s%I$r<B9T$7$^$9!#(B

  % /usr/sbin/sshd -\?

The version string is also displayed when a client connects to the
server.

$B%P!<%8%g%sJ8;zNs$O!"%/%i%$%"%s%H$,%5!<%P$K@\B3$7$?;~$K$bI=<($5$l$^$9!#(B

To view the version string of the OpenSSH client, execute the
following command:

OpenSSH $B%/%i%$%"%s%H$N%P!<%8%g%sJ8;zNs$rI=<($9$k$K$O!"(B
$B<!$N%3%^%s%I$r<B9T$7$^$9!#(B

  % /usr/bin/ssh -V


VII. $B;29M;qNA(B - References

<URL:http://www.pine.nl/advisories/pine-cert-20020301.txt>

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0083 to this issue.
  <URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0083>

Common Vulnerabilities and Exposures $B%W%m%8%'%/%H(B (cve.mitre.org) $B$O!"(B
$B$3$NLdBj$K(B CAN-2002-0083 $B$H$$$&L>A0$r3d$jEv$F$F$$$^$9!#(B
  <URL:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0083>


A.   FreeBSD $B%;%-%e%j%F%#4+9p(B $BF|K\8lHG$K$D$$$F(B

$BF|K\8lLu$O(B FreeBSD $BF|K\8l%I%-%e%a%s%F!<%7%g%s%W%m%8%'%/%H(B (doc-jp) $B$,(B
$B;29M$N$?$a$KDs6!$9$k$b$N$G$9(B.  $B2a5n$NF|K\8lHG%;%-%e%j%F%#4+9p$O(B

 http://www.FreeBSD.org/ja/security/

$B$K$^$H$a$i$l$F$$$^$9(B.  

$B$?$@$7(B, $BK]Lu<T$*$h$S(B doc-jp $B$O(B, $B$=$NFbMF$K$D$$$F$$$+$J$kJ]>Z$b(B
$B$$$?$7$^$;$s$N$G$4Cm0U$/$@$5$$(B.  $BF|K\8lLu$K$D$$$F$N$40U8+(B, $B$4MWK>(B,
$B$*Ld$$9g$o$;Ey$O(B doc-jp@jp.FreeBSD.org $B$^$G$*4j$$$7$^$9(B.

$B$3$N4+9p$NCf$G>R2p$5$l$F$$$k(B WWW $B%5%$%H(B http://www.FreeBSD.org/ $B$*$h$S(B
FTP $B%5%$%H(B ftp://ftp.FreeBSD.org/ $B$K$O(B, $BF|K\$N%_%i!<%5%$%H$,B8:_$7$^$9(B.
$B%M%C%H%o!<%/$N:.;($r4KOB$9$k$?$a(B, $B$^$:$O%_%i!<%5%$%H$NMxMQ$r(B
$B9MN8$9$k$h$&$*4j$$$7$^$9(B.

$BF|K\$N%_%i!<%5%$%H$rMxMQ$9$k$K$O(B,
http://www.FreeBSD.org/ $B$r(B http://www.jp.FreeBSD.org/www.freebsd.org/ $B$K(B,
ftp://ftp.FreeBSD.org/ $B$r(B ftp://ftp.jp.FreeBSD.org/ $B$K(B,
$B$=$l$>$lCV$-49$($F$/$@$5$$(B.

$BB>$NCO0h$r4^$`(B, $B%_%i!<%5%$%H$K4X$9$k>\:Y$O(B,

 http://www.FreeBSD.org/handbook/mirror.html ($B1QJ8(B)
 http://www.FreeBSD.org/ja/handbook/mirror.html ($BF|K\8lLu(B)

$B$K$^$H$a$i$l$F$$$^$9(B.

$hrs: announce-jp/FreeBSD-SA/02:13,v 1.2 2002/03/09 08:13:16 hrs Exp $

----Next_Part(Sat_Mar__9_17:16:44_2002_639)----
