Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1:Rings:1-MinimalX
openssh
openssh-6.6p1-disable_DH_under_1536b.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssh-6.6p1-disable_DH_under_1536b.patch of Package openssh
# HG changeset patch # Parent 49d6f0c7bd349c3ca1ce4c67a7b6b507823f3d3c Raise minimal size of DH group parameters to 1536bits. 1024b values are believed to be in breaking range for state adversaries and the default moduli shipped with openssh have been around long enough to make it more likely for them to be broken. CVE-2015-4000 (LOGJAM) bsc#932483 diff --git a/openssh-6.6p1/dh.h b/openssh-6.6p1/dh.h --- a/openssh-6.6p1/dh.h +++ b/openssh-6.6p1/dh.h @@ -39,17 +39,17 @@ DH *dh_new_group1(void); DH *dh_new_group14(void); void dh_gen_key(DH *, int); int dh_pub_is_valid(DH *, BIGNUM *); int dh_estimate(int); /* Min and max values from RFC4419. */ -#define DH_GRP_MIN 1024 +#define DH_GRP_MIN 1536 #define DH_GRP_MIN_FIPS 2048 #define DH_GRP_MAX 8192 /* * Values for "type" field of moduli(5) * Specifies the internal structure of the prime modulus. */ #define MODULI_TYPE_UNKNOWN (0)
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
