CVS: cvs.openbsd.org: src

Damien Miller Sun, 31 Jan 2021 14:55:49 -0800

CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected]    2021/01/31 15:55:29


Modified files:
        usr.bin/ssh    : kex.c kex.h kexgen.c kexgexc.c kexgexs.c 

Log message:
more strictly enforce KEX state-machine by banning packet types
once they are received. Fixes memleak caused by duplicate
SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz
via oss-fuzz #30078).

ok markus@

CVS: cvs.openbsd.org: src

Reply via email to