Page MenuHomeDevCentral
Create Task
Maniphest T667

Mitigate CVE-2016-0777 in SSH clients configuration files
Closed, ResolvedPublic
Actions

Description

A security issue has been discovered to the SSH client.

To mitigate it, the following undocumented setting should be applied:

/etc/ssh/ssh_config
UseRoaming no

Reference

Related Objects

Event Timeline

dereckson created this task.Jan 14 2016, 15:50
dereckson added a comment.Jan 14 2016, 16:00

Done for Ysul, Dwellers, the containers for DevCentral and phabricator.wolfplex.be.

dereckson lowered the priority of this task from High to Normal.Jan 14 2016, 16:01

Lowered the priority as we've mitigated at places where there are ssh outgoing connections.

dereckson added a comment.Jan 17 2016, 02:16

Ysul OpenSSH_6.6.1p1, OpenSSL 1.0.1l-freebsd 15 Jan 2015
Dwellers OpenSSH_6.6.1p1, OpenSSL 1.0.1e-fips 11 Feb 2013

Jnekins/Phab Containers still needs to be updated.

dereckson mentioned this in T673: Rebuild images using OpenSSH client.Jan 17 2016, 02:18
dereckson removed dereckson as the assignee of this task.Mar 8 2018, 21:07
dereckson closed this task as Resolved.Feb 14 2020, 17:40
dereckson claimed this task.

OpenSSH now mitigates this.

Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator