[Bug 1469] Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576)

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sat May 31 08:10:14 EST 2008


https://bugzilla.mindrot.org/show_bug.cgi?id=1469


Colin Watson <cjwatson at debian.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1508|0                           |1
        is obsolete|                            |




--- Comment #4 from Colin Watson <cjwatson at debian.org>  2008-05-31 08:10:09 ---
Created an attachment (id=1510)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1510)
blacklist patch from Debian 1:4.7p1-12

Here's an updated version to align with the most recent Debian upload.
Changes from the previous attachment:

  * Refactor rejection of blacklisted user keys into a single
    reject_blacklisted_key function in auth.c (thanks, Dmitry V.
Levin).
  * Fix memory leak of blacklisted host keys (thanks, Dmitry V. Levin).

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list