kumquat-buildroot/package/putty
Fabrice Fontaine 1352b59eb2 package/putty: fix CVE-2021-36367
PuTTY through 0.75 proceeds with establishing an SSH session even if it
has never sent a substantive authentication response. This makes it
easier for an attacker-controlled SSH server to present a later spoofed
authentication prompt (that the attacker can use to capture credential
data, and use that data for purposes that are undesired by the client
user).

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-07-17 12:02:21 +02:00
..
0001-unix-uxutils.h-fix-build-on-uclibc.patch
0002-New-option-to-reject-trivial-success-of-userauth.patch package/putty: fix CVE-2021-36367 2021-07-17 12:02:21 +02:00
Config.in
putty.hash
putty.mk package/putty: fix CVE-2021-36367 2021-07-17 12:02:21 +02:00