diff options
author | Colin Watson <cjwatson@debian.org> | 2018-08-17 12:28:26 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2018-08-17 12:31:27 +0100 |
commit | 4641c58a3279f6b118f9562babaa0ee050a38619 (patch) | |
tree | 87718b668ec8a737c1729ee568207c2a384f6d61 /debian/patches/series | |
parent | daf34b85afe25c10fac13e9cff16b25c3e3914e9 (diff) | |
parent | c4ca1497658e0508e8595ad74978c07bc92a18e3 (diff) |
Fix user enumeration vulnerability
Apply upstream patch to delay bailout for invalid authenticating user
until after the packet containing the request has been fully parsed.
Closes: #906236
Diffstat (limited to 'debian/patches/series')
-rw-r--r-- | debian/patches/series | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/debian/patches/series b/debian/patches/series index 9f89f7347..e1eb16773 100644 --- a/debian/patches/series +++ b/debian/patches/series | |||
@@ -25,3 +25,4 @@ seccomp-s390-flock-ipc.patch | |||
25 | seccomp-getuid-geteuid.patch | 25 | seccomp-getuid-geteuid.patch |
26 | seccomp-s390-ioctl-ep11-crypto.patch | 26 | seccomp-s390-ioctl-ep11-crypto.patch |
27 | upstream-relax-checking-of-authorized_keys-environme.patch | 27 | upstream-relax-checking-of-authorized_keys-environme.patch |
28 | upstream-delay-bailout-for-invalid-authenticating-user.patch | ||