Where to find OpenSSH patch for CVE-2020-14145
Pawel Winogrodzki
pawelwi at microsoft.com
Sat Oct 31 02:51:00 AEDT 2020
Hello,
We are currently trying to apply a patch to our 8.0p1 version of OpenSSH for CVE-2020-14145<https://nvd.nist.gov/vuln/detail/CVE-2020-14145>. The "patch" tag from NIST's web page links to the 8.3p1 vs 8.4p1 comparison<https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1> on GitHub. Is there, however, any one specific patch, which could be backported to our version or is updating to 8.4p1 the only solution for this CVE? Thank you in advance for your help!
All the best,
Pawel
More information about the openssh-unix-dev
mailing list