projects / dragonfly.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2abacd1) | patch
ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778
authorMatthew Dillon <dillon@apollo.backplane.com>
Thu, 14 Jan 2016 17:06:23 +0000 (09:06 -0800)
committerMatthew Dillon <dillon@apollo.backplane.com>
Thu, 14 Jan 2016 17:09:07 +0000 (09:09 -0800)
commit81559ed82cdd20bdacf2e66e6435f96eb0b7c7c0
treed2061f64cdc60ce6aa704c36134c78bb7840b9d1tree | snapshot
parent2abacd1f65bb40dcb574f125a46d44c91b32ef49commit | diff
ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778

* Remove client-side 'roaming' feature as per openbsd patch.

* CVE-2016-0777 CVE-2016-0778.  A malicious server can trick the client
  into potentially leaking key material.
crypto/openssh/readconf.c diff | blob | blame | history
crypto/openssh/ssh.c diff | blob | blame | history
DragonFly Project Source