CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2021/06/05 21:40:39
Modified files:
usr.bin/ssh : compat.c compat.h sshconnect2.c
Log message:
Client-side workaround for a bug in OpenSSH 7.4: this release allows
RSA/SHA2 signatures for public key authentication but fails to advertise
this correctly via SSH2_MSG_EXT_INFO. This causes clients of these
server to incorrectly match PubkeyAcceptedAlgorithms and potentially
refuse to offer valid keys.
Reported by and based on patch from Gordon Messmer via bz3213, thanks
also for additional analysis by Jakub Jelen. ok dtucker
