Author: glebius
Date: Thu Jan 14 22:40:46 2016
New Revision: 294048
URL: https://svnweb.freebsd.org/changeset/base/294048
Log:
Fix OpenSSH client information leak.
Security: SA-16:07.openssh
Security: CVE-2016-0777
Modified:
head/crypto/openssh/readconf.c
Modified: head/crypto/openssh/readconf.c
==============================================================================
--- head/crypto/openssh/readconf.c Thu Jan 14 22:07:35 2016
(r294047)
+++ head/crypto/openssh/readconf.c Thu Jan 14 22:40:46 2016
(r294048)
@@ -1610,7 +1610,7 @@ initialize_options(Options * options)
options->tun_remote = -1;
options->local_command = NULL;
options->permit_local_command = -1;
- options->use_roaming = -1;
+ options->use_roaming = 0;
options->visual_host_key = -1;
options->ip_qos_interactive = -1;
options->ip_qos_bulk = -1;
@@ -1788,8 +1788,7 @@ fill_default_options(Options * options)
options->tun_remote = SSH_TUNID_ANY;
if (options->permit_local_command == -1)
options->permit_local_command = 0;
- if (options->use_roaming == -1)
- options->use_roaming = 1;
+ options->use_roaming = 0;
if (options->visual_host_key == -1)
options->visual_host_key = 0;
if (options->ip_qos_interactive == -1)
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
