openssh: fix CVE-2023-51384 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Archana Polampalli <archana.polampalli@windriver.com>	2023-12-28 06:40:38 +0000
committer	Steve Sakoman <steve@sakoman.com>	2024-01-04 05:00:13 -1000
commit	bad31561c0ee9fb6a77edba822addd668ca864f1 (patch)
tree	119d6952f11149f054ec3502a825e7ca2c41149e /meta/classes/devshell.bbclass
parent	e9dbcd7a01fc3331fb6208b7a019bf5c5ab90002 (diff)
download	poky-bad31561c0ee9fb6a77edba822addd668ca864f1.tar.gz

openssh: fix CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys. References: https://nvd.nist.gov/vuln/detail/CVE-2023-51384 Upstream patches: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b (From OE-Core rev: 7a745dd1aa13fbf110cc4d86ddbc86617975d6ad) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/classes/devshell.bbclass')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: