git: DragonFly_RELEASE_4_4 ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778
Matthew Dillon
dillon at crater.dragonflybsd.org
Thu Jan 14 09:09:11 PST 2016
commit 81559ed82cdd20bdacf2e66e6435f96eb0b7c7c0
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Thu Jan 14 09:06:23 2016 -0800
ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778
* Remove client-side 'roaming' feature as per openbsd patch.
* CVE-2016-0777 CVE-2016-0778. A malicious server can trick the client
into potentially leaking key material.
Summary of changes:
crypto/openssh/readconf.c | 5 ++---
crypto/openssh/ssh.c | 3 ---
2 files changed, 2 insertions(+), 6 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/81559ed82cdd20bdacf2e66e6435f96eb0b7c7c0
--
DragonFly BSD source repository
More information about the Commits
mailing list