aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhilip Paeps <philip@FreeBSD.org>2023-12-20 08:14:36 +0000
committerPhilip Paeps <philip@FreeBSD.org>2023-12-20 08:14:36 +0000
commit42099f809c0bf562ab95cba9e1c08de78bba6434 (patch)
tree46f117178dc8d962dd7e9f1b8a254dd457b0cafb
parent258750c3a106ece99537dfadc9ed961c1571cf40 (diff)
downloaddoc-42099f809c.tar.gz
doc-42099f809c.zip
Add advisory affecting 12.4R, 13.2R and 14.0R
FreeBSD-SA-23:19.openssh affects all supported releases Note: While this issue does affect 12.4-STABLE and 12.4-RELEASE, the version of OpenSSH in 12.4 is old enough the vendor provided patch does not cleanly apply. As 12.4 goes out of support at the end of December and in order to quickly get fixes out for 14.0 and 13.2, the FreeBSD Security Team is issuing this advisory now while feasibility of a 12.4 backport is investigated. Users with 12.4 are encouraged to either implement the documented workaround or leverage an up to date version of OpenSSH from the ports/pkg collection.
-rw-r--r--website/content/en/releases/12.4R/errata.adoc1
-rw-r--r--website/content/en/releases/13.2R/errata.adoc1
-rw-r--r--website/content/en/releases/14.0R/errata.adoc1
3 files changed, 3 insertions, 0 deletions
diff --git a/website/content/en/releases/12.4R/errata.adoc b/website/content/en/releases/12.4R/errata.adoc
index 42f288d9ca..4a180fff9a 100644
--- a/website/content/en/releases/12.4R/errata.adoc
+++ b/website/content/en/releases/12.4R/errata.adoc
@@ -56,6 +56,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:12.msdosfs.asc[FreeBSD-SA-23:12.msdosfs] |3 October 2023 |msdosfs data disclosure
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:15.stdio.asc[FreeBSD-SA-23:15.stdio] |8 November 2023 |libc stdio buffer overflow
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |5 December 2023 |TCP spoofing vulnerability in pf(4)
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol
|===
[[errata]]
diff --git a/website/content/en/releases/13.2R/errata.adoc b/website/content/en/releases/13.2R/errata.adoc
index be279652c3..272735dfd5 100644
--- a/website/content/en/releases/13.2R/errata.adoc
+++ b/website/content/en/releases/13.2R/errata.adoc
@@ -59,6 +59,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:16.cap_net.asc[FreeBSD-SA-23:16.cap_net] |8 November 2023 |Incorrect libcap_net limitation list manipulation
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |5 December 2023 |TCP spoofing vulnerability in pf(4)
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient] |12 December 2023 |NFS client data corruption and kernel memory disclosure
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol
|===
[[errata]]
diff --git a/website/content/en/releases/14.0R/errata.adoc b/website/content/en/releases/14.0R/errata.adoc
index df5fb7d94d..4ce0f28f01 100644
--- a/website/content/en/releases/14.0R/errata.adoc
+++ b/website/content/en/releases/14.0R/errata.adoc
@@ -47,6 +47,7 @@ For a list of all FreeBSD CERT security advisories, see https://www.FreeBSD.org/
|Advisory |Date |Topic
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:17.pf.asc[FreeBSD-SA-23:17.pf] |5 December 2023 |TCP spoofing vulnerability in pf(4)
|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:18.nfsclient.asc[FreeBSD-SA-23:18.nfsclient] |12 December 2023 |NFS client data corruption and kernel memory disclosure
+|link:https://www.FreeBSD.org/security/advisories/FreeBSD-SA-23:19.openssh.asc[FreeBSD-SA-23:19.openssh] |19 December 2023 |Prefix Truncation Attack in the SSH protocol
|===
[[errata]]