Welcome to CRUX bug tracking.

FS#1711 - openssh: CVE-2018-20685

Attached to Project: CRUX
Opened by Predrag Ivanovic (pedja) - Monday, 14 January 2019, 13:40 GMT
Last edited by Thomas Penteker (teK) - Wednesday, 16 January 2019, 22:10 GMT
Task Type Bug Report
Category ports
Status Closed
Assigned To CRUX Developers (crux)
Operating System CRUX
Severity High
Priority High
Reported Version 3.4
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


"In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers
to bypass intended access restrictions via the filename of . or an empty filename."

Upstream commit:
More info:
This task depends upon

Closed by  Thomas Penteker (teK)
Wednesday, 16 January 2019, 22:10 GMT
Reason for closing:  Fixed
Additional comments about closing:  fixed by commits 9004c74c, 181b6db5