Opened 2 years ago

Closed 2 years ago

Last modified 2 years ago

#17149 closed enhancement (fixed)

openssh-9.1p1 ssh-askpass-9.1p1

Reported by: Douglas R. Reno Owned by: Bruce Dubbs
Priority: elevated Milestone: 11.3
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New minor version

Change History (4)

comment:1 by Xi Ruoyao, 2 years ago

Release note at http://www.openssh.com/txt/release-9.1.

Notable security changes:

This release contains fixes for three minor memory safety problems. None are believed to be exploitable, but we report most memory safety problems as potential security vulnerabilities out of caution.

  • ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing. Reported by Qualys
  • ssh-keygen(1): double free() in error path of file hashing step in signing/verify code; GHPR333
  • ssh-keysign(8): double-free in error path introduced in openssh-8.9

comment:2 by Bruce Dubbs, 2 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:3 by Bruce Dubbs, 2 years ago

Resolution: fixed
Status: assignedclosed

Fixed at commits 

d985f0b3af Update to git-2.38.0.
f9ed4f2223 Update to icewm-3.0.0.
fd6f0d21e0 Update to openssh-9.1p1 snd ssh-askpass-9.1p1.
47184ac9df Update to SDL2-2.24.1.
cf379d7c98 Update to xkeyboard-config-2.37.
3dd64c1825 Update to Net-DNS-1.35 (Perl module).

comment:4 by Douglas R. Reno, 2 years ago

Issued SA-11.2-017

Note: See TracTickets for help on using tickets.