projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 59af8a3) | patch
openssh: security bump to version 7.8
authorBaruch Siach <baruch@tkos.co.il>
Fri, 24 Aug 2018 04:56:14 +0000 (07:56 +0300)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Fri, 24 Aug 2018 12:38:01 +0000 (14:38 +0200)
commit5ef5b39bd4006526717364b39b04a663ce174517
tree70ef8b57a9acf4eb6d52ef06cab4357be6fae429tree
parent59af8a3a223d2d5fdd6496ef59b79be38d957df5commit | diff
openssh: security bump to version 7.8

Fixes CVE-2018-15473: user enumeration vulnerability due to not delaying
bailout for an invalid authenticating user until after the packet
containing the request has been fully parsed.

Some OpenSSH developers don't consider this a security issue:

  https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037138.html

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/openssh/openssh.hash diff | blob | history
package/openssh/openssh.mk diff | blob | history