Fix user enumeration vulnerability

Apply upstream patch to delay bailout for invalid authenticating user until after the packet containing the request has been fully parsed. Closes: #906236
author: Colin Watson <cjwatson@debian.org> 2018-08-17 12:28:26 +0100
committer: Colin Watson <cjwatson@debian.org> 2018-08-17 12:31:27 +0100
commit: 4641c58a3279f6b118f9562babaa0ee050a38619 (patch)
tree: 87718b668ec8a737c1729ee568207c2a384f6d61 /debian/patches/series
parent: daf34b85afe25c10fac13e9cff16b25c3e3914e9 (diff)
parent: c4ca1497658e0508e8595ad74978c07bc92a18e3 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/debian/patches/series b/debian/patches/series
index 9f89f7347..e1eb16773 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -25,3 +25,4 @@ seccomp-s390-flock-ipc.patch
 seccomp-getuid-geteuid.patch
 seccomp-s390-ioctl-ep11-crypto.patch
 upstream-relax-checking-of-authorized_keys-environme.patch
+upstream-delay-bailout-for-invalid-authenticating-user.patch
author	Colin Watson <cjwatson@debian.org>	2018-08-17 12:28:26 +0100
committer	Colin Watson <cjwatson@debian.org>	2018-08-17 12:31:27 +0100
commit	4641c58a3279f6b118f9562babaa0ee050a38619 (patch)
tree	87718b668ec8a737c1729ee568207c2a384f6d61 /debian/patches/series
parent	daf34b85afe25c10fac13e9cff16b25c3e3914e9 (diff)
parent	c4ca1497658e0508e8595ad74978c07bc92a18e3 (diff)

diff --git a/debian/patches/series b/debian/patches/series index 9f89f7347..e1eb16773 100644 --- a/debian/patches/series +++ b/debian/patches/series
@@ -25,3 +25,4 @@ seccomp-s390-flock-ipc.patch
25	seccomp-getuid-geteuid.patch	25	seccomp-getuid-geteuid.patch
26	seccomp-s390-ioctl-ep11-crypto.patch	26	seccomp-s390-ioctl-ep11-crypto.patch
27	upstream-relax-checking-of-authorized_keys-environme.patch	27	upstream-relax-checking-of-authorized_keys-environme.patch
		28	upstream-delay-bailout-for-invalid-authenticating-user.patch