5ef5b39bd4
Fixes CVE-2018-15473: user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed. Some OpenSSH developers don't consider this a security issue: https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037138.html Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
5 lines
259 B
Plaintext
5 lines
259 B
Plaintext
# From http://www.openssh.com/txt/release-7.8 (base64 encoded)
|
|
sha256 1a484bb15152c183bb2514e112aa30dd34138c3cfb032eee5490a66c507144ca openssh-7.8p1.tar.gz
|
|
# Locally calculated
|
|
sha256 05a4c25ef464e19656c5259bd4f4da8428efab01044f3541b79fbb3ff209350f LICENCE
|