Commits for CVE-2021-41617

Jan Damborsky dambi at tio.cz
Thu Sep 30 16:32:59 AEST 2021


Hi guys,

I am now in process of preparing patch for OpenSSH 8.4p1
to address CVE-2021-41617 (fixed in OpenSSH 8.8p1),
but it is not quite clear to me which particular
commits are relevant.

So far I have identified following ones:

https://github.com/openssh/openssh-portable/commit/f3cbe43e28fe71427d41cfe3a17125b972710455
https://github.com/openssh/openssh-portable/commit/bf944e3794eff5413f2df1ef37cddf96918c6bde

Could you please let me know that those are
the right ones or if there are more commits
to be included?

Thank you,
Jan Damborsky



More information about the openssh-unix-dev mailing list