[openssh-commits] [openssh] branch master updated (a5dfc5ba -> 3dd0c64e)
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Feb 1 09:57:37 AEDT 2021
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from a5dfc5ba allow a fuzz case to contain more than one request
new 7a92a324 upstream: Set linesize returned by getline to zero when freeing and
new 3dd0c64e upstream: more strictly enforce KEX state-machine by banning packet
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:
commit 3dd0c64e08f1bba21d71996d635c7256c8c139d1
Author: djm at openbsd.org <djm at openbsd.org>
Date: Sun Jan 31 22:55:29 2021 +0000
upstream: more strictly enforce KEX state-machine by banning packet
types once they are received. Fixes memleak caused by duplicate
SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz via
oss-fuzz #30078).
ok markus@
OpenBSD-Commit-ID: 87331c715c095b587d5c88724694cdeb701c9def
commit 7a92a324a2e351fabd0ba8ef9b434d3b12d54ee3
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date: Sun Jan 31 10:50:10 2021 +0000
upstream: Set linesize returned by getline to zero when freeing and
NULLing the returned string. OpenBSD's getline handles this just fine, but
some implementations used by -portable do not. ok djm@
OpenBSD-Commit-ID: 4d7bd5169d3397654247db9655cc69a9908d165c
Summary of changes:
kex.c | 4 ++--
kex.h | 3 ++-
kexgen.c | 8 +++++++-
kexgexc.c | 12 ++++++++----
kexgexs.c | 7 ++++++-
sshsig.c | 4 +++-
6 files changed, 28 insertions(+), 10 deletions(-)
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list