FYI: fix for big-endian systems pushed to V_9_9 branch
Damien Miller
djm at mindrot.org
Mon Oct 28 12:52:01 AEDT 2024
On Sun, 27 Oct 2024, Colin Watson wrote:
> On Sun, Oct 27, 2024 at 03:45:33PM +1100, Damien Miller wrote:
> > This is mostly a note for downstream distributors of OpenSSH. I've
> > just pushed fixes to the V_9_9 stable branch for a bug in the
> > mlkem768x25519-sha256 key exchange algorithm that was added in this
> > release that causes connection failures when connecting between
> > big-endian and little-endian hosts.
> >
> > The problem is on the big-endian side. No change is required for
> > the more common little-endian architectures (e.g. x86, ARM).
> >
> > If you distribute OpenSSH to big-endian systems and have packaged
> > OpenSSH 9.9 already, then I recommend you include these fixes as the
> > next release of OpenSSH will make this key exchange algorithm the
> > default.
>
> Thanks, applied in Debian. (I skipped the third patch, since I believe
> we have endian.h everywhere.)
yeah, it's even standardised now in POSIX 2024 :)
More information about the openssh-unix-dev
mailing list