CRUX

Welcome to CRUX bug tracking.
Tasklist

FS#1711 - openssh: CVE-2018-20685

Attached to Project: CRUX
Opened by Predrag Ivanovic (pedja) - Monday, 14 January 2019, 13:40 GMT
Task Type Bug Report
Category ports
Status New
Assigned To CRUX Developers (crux)
Operating System CRUX
Severity High
Priority High
Reported Version 3.4
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 0
Private No

Details

From https://security-tracker.debian.org/tracker/CVE-2018-20685
"In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers
to bypass intended access restrictions via the filename of . or an empty filename."

Upstream commit:
https://github.com/openssh/openssh-portable/commit/6010c0303a422a9c5fa8860c061bf7105eb7f8b2
More info:
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
This task depends upon

Loading...