search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
(parent: 3d93eee) | patch
ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778
commitea24d4f2298bf4838ac6437d7cc653a60fa97d91
authorMatthew Dillon <dillon@apollo.backplane.com>
Thu, 14 Jan 2016 17:06:23 +0000 (14 09:06 -0800)
committerMatthew Dillon <dillon@apollo.backplane.com>
Thu, 14 Jan 2016 17:06:23 +0000 (14 09:06 -0800)
treed6bb51ec972b91af9abbf94a7fc16cc614f27be3tree | snapshot (tar.gz zip)
parent3d93eee4133490417bf1e1cc4570acf452449f8ecommit | diff
ssh - Remove undocumented roaming support CVE-2016-0777 CVE-2016-0778

* Remove client-side 'roaming' feature as per openbsd patch.

* CVE-2016-0777 CVE-2016-0778.  A malicious server can trick the client
  into potentially leaking key material.
crypto/openssh/readconf.c diff | blob | blame | history
crypto/openssh/ssh.c diff | blob | blame | history
DragonFly BSD