]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: e5786af) | patch
openssh: fix for CVE-2014-2653
authorChen Qi <Qi.Chen@windriver.com>
Tue, 13 May 2014 07:46:27 +0000 (15:46 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 29 May 2014 12:42:10 +0000 (13:42 +0100)
commit6a8a9903de24cc7e1f27b1f7202bd4157719327c
treed0c43347c3b2030111cac14804130d60ea6af0fatree | snapshot
parente5786afbfa79e1288d1df2401684c4c151c60406commit | diff
openssh: fix for CVE-2014-2653

The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and
earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking
by presenting an unacceptable HostCertificate.

(From OE-Core rev: 7b2fff61b3d1c0566429793ee348fa8978ef0cba)

Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Conflicts:
meta/recipes-connectivity/openssh/openssh_6.5p1.bb
meta/recipes-connectivity/openssh/openssh/openssh-CVE-2014-2653.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssh/openssh_6.5p1.bb diff | blob | history
Mirror of the official openembedded-core repository