Age | Commit message (Collapse) | Author | |
---|---|---|---|
2014-05-13 | openssh: fix for CVE-2014-2653 | Chen Qi | |
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |