Skip to content
Commit 5ef5b39b authored by Baruch Siach's avatar Baruch Siach Committed by Thomas Petazzoni
Browse files

openssh: security bump to version 7.8 

Fixes CVE-2018-15473: user enumeration vulnerability due to not delaying
bailout for an invalid authenticating user until after the packet
containing the request has been fully parsed.

Some OpenSSH developers don't consider this a security issue:

  https://lists.mindrot.org/pipermail/openssh-unix-dev/2018-August/037138.html



Signed-off-by: default avatarBaruch Siach <baruch@tkos.co.il>
Signed-off-by: default avatarThomas Petazzoni <thomas.petazzoni@bootlin.com>
parent 59af8a3a
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment