CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/05/30 22:37:56
Modified files:
usr.bin/ssh : cipher.c cipher.h packet.c
Log message:
stricter validation of the transport state passed from the
unprivileged preauth sshd-auth process to the user-privileged
postauth sshd-session process.
These are harmless unless an attacker had an exploit for sshd-auth
in which case they could be used for post-auth memory DoS or to
crash you own session in a new and exciting way.
Reported by bylee3 and Kayky Vinicius
ok markus
