kumquat-buildroot/package/openssh
Baruch Siach 7fe3741bc4 openssh: add upstream security fixes
CVE-2019-6109: Due to missing character encoding in the progress
display, a malicious server (or Man-in-The-Middle attacker) can employ
crafted object names to manipulate the client output, e.g., by using
ANSI control codes to hide additional files being transferred. This
affects refresh_progress_meter() in progressmeter.c.

CVE-2019-6111: Due to the scp implementation being derived from 1983
rcp, the server chooses which files/directories are sent to the client.
However, the scp client only performs cursory validation of the object
name returned (only directory traversal attacks are prevented). A
malicious scp server (or Man-in-The-Middle attacker) can overwrite
arbitrary files in the scp client target directory. If recursive
operation (-r) is performed, the server can manipulate subdirectories as
well (for example, to overwrite the .ssh/authorized_keys file).

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 19:59:11 +01:00
..
0001-upstream-disallow-empty-incoming-filename-or-ones-th.patch
0002-upstream-Sanitize-scp-filenames-via-snmprintf.-To-do.patch
0003-upstream-check-in-scp-client-that-filenames-sent-dur.patch
Config.in
openssh.hash
openssh.mk
S50sshd
sshd-sysusers.conf
sshd.service