[openssh-commits] [openssh] branch master updated (36c6c3ef -> 73303084)

git+noreply at mindrot.org git+noreply at mindrot.org
Thu Mar 9 18:33:27 AEDT 2023 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a change to branch master
in repository openssh.

      from  36c6c3ef  upstream: Plug mem leak. Coverity CID 405196, ok djm@
       new  a2314149  Limit the number of PAM environment variables.
       new  bfd1ad01  Limit the number of PAM environment variables.
       new  54ac4ab2  upstream: include destination constraints for smartcard keys too.
       new  73303084  upstream: Re-split the merge of the reorder-hostkeys test.

The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Detailed log of new commits:

commit 733030840c4772f858de95d5940ec0c37663e8b0
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Thu Mar 9 07:11:05 2023 +0000

    upstream: Re-split the merge of the reorder-hostkeys test.
    
    In the kex_proposal_populate_entries change I merged the the check for
    reordering hostkeys with the actual reordering, but kex_assemble_names
    mutates options.hostkeyalgorithms which renders the check ineffective.
    Put the check back where it was.  Spotted and tested by jsg@, ok djm@
    
    OpenBSD-Commit-ID: a7469f25a738db5567395d1881e32479a7ffc9de

commit 54ac4ab2b53ce9fcb66b8250dee91c070e4167ed
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Thu Mar 9 06:58:26 2023 +0000

    upstream: include destination constraints for smartcard keys too.
    
    Spotted by Luci Stanescu; ok deraadt@ markus@
    
    OpenBSD-Commit-ID: add879fac6903a1cb1d1e42c4309e5359c3d870f

commit bfd1ad01d974a316b60622759ad17537fa2d92b4
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Thu Mar 9 18:24:54 2023 +1100

    Limit the number of PAM environment variables.
    
    xcalloc has its own limits, but these are specific to PAM.  From
    Coverity CID 405198, ok djm@

commit a231414970e01a35f45a295d5f93698fa1249b28
Author: Darren Tucker <dtucker at dtucker.net>
Date:   Thu Mar 9 18:19:44 2023 +1100

    Limit the number of PAM environment variables.
    
    From Coverity CID 405194, tweaks and ok djm@

Summary of changes:
 auth-pam.c    | 15 ++++++++++-----
 authfd.c      |  4 ++--
 monitor.c     |  4 ++++
 sshconnect2.c | 23 +++++++++++++----------
 4 files changed, 29 insertions(+), 17 deletions(-)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list