1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-16 15:57:04 +00:00
Files
Hitendra Prajapati 9f461395a8 openssh: fix CVE-2025-61984
ssh in OpenSSH before 10.1 allows control characters in usernames that
originate from certain possibly untrusted sources, potentially leading
to code execution when a ProxyCommand is used. The untrusted sources
are the command line and %-sequence expansion of a configuration file.

Note:
openssh does not support variable expansion until 10.0, so backport
adapts for this.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-61984

Upstream-Status: Backport from https://github.com/openssh/openssh-portable/commit/35d5917652106aede47621bb3f64044604164043

(From OE-Core rev: 7ca0c7a4d17c707658669e255689ecd4183c7e9b)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-12-12 08:49:37 -08:00
..
2025-12-12 08:49:37 -08:00
2025-12-12 08:49:37 -08:00