git: ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778
Matthew Dillon
dillon at crater.dragonflybsd.org
Thu Jan 14 09:08:19 PST 2016
commit ea24d4f2298bf4838ac6437d7cc653a60fa97d91
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Thu Jan 14 09:06:23 2016 -0800
ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778
* Remove client-side 'roaming' feature as per openbsd patch.
* CVE-2016-0777 CVE-2016-0778. A malicious server can trick the client
into potentially leaking key material.
Summary of changes:
crypto/openssh/readconf.c | 5 ++---
crypto/openssh/ssh.c | 3 ---
2 files changed, 2 insertions(+), 6 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ea24d4f2298bf4838ac6437d7cc653a60fa97d91
--
DragonFly BSD source repository
More information about the Commits
mailing list