summaryrefslogtreecommitdiff
path: root/openbsd-compat/arc4random.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2019-01-26 22:41:28 +0000
committerColin Watson <cjwatson@debian.org>2019-02-08 16:39:38 +0000
commit125924e47db3713a85a70e0f8d6c23818d2ea054 (patch)
treec8427bede4b2f4577f27250dbd84c8f8c50928de /openbsd-compat/arc4random.c
parent2a8f710447442e9a03e71c022859112ec2d77d17 (diff)
upstream: check in scp client that filenames sent during
remote->local directory copies satisfy the wildcard specified by the user. This checking provides some protection against a malicious server sending unexpected filenames, but it comes at a risk of rejecting wanted files due to differences between client and server wildcard expansion rules. For this reason, this also adds a new -T flag to disable the check. reported by Harry Sintonen fix approach suggested by markus@; has been in snaps for ~1wk courtesy deraadt@ OpenBSD-Commit-ID: 00f44b50d2be8e321973f3c6d014260f8f7a8eda CVE-2019-6111 Origin: backport, https://anongit.mindrot.org/openssh.git/commit/?id=391ffc4b9d31fa1f4ad566499fef9176ff8a07dc Last-Update: 2019-02-08 Patch-Name: check-filenames-in-scp-client.patch
Diffstat (limited to 'openbsd-compat/arc4random.c')
0 files changed, 0 insertions, 0 deletions