FYI: fix for big-endian systems pushed to V_9_9 branch
Colin Watson
cjwatson at debian.org
Mon Oct 28 00:59:36 AEDT 2024
On Sun, Oct 27, 2024 at 03:45:33PM +1100, Damien Miller wrote:
> This is mostly a note for downstream distributors of OpenSSH. I've
> just pushed fixes to the V_9_9 stable branch for a bug in the
> mlkem768x25519-sha256 key exchange algorithm that was added in this
> release that causes connection failures when connecting between
> big-endian and little-endian hosts.
>
> The problem is on the big-endian side. No change is required for
> the more common little-endian architectures (e.g. x86, ARM).
>
> If you distribute OpenSSH to big-endian systems and have packaged
> OpenSSH 9.9 already, then I recommend you include these fixes as the
> next release of OpenSSH will make this key exchange algorithm the
> default.
Thanks, applied in Debian. (I skipped the third patch, since I believe
we have endian.h everywhere.)
--
Colin Watson (he/him) [cjwatson at debian.org]
More information about the openssh-unix-dev
mailing list