- CVE-2025-26465 - ssh(1) in OpenSSH versions 6.8p1 to 9.9p1 (inclusive) contained a logic error that allowed an on-path attacker (a.k.a MITM) to impersonate any server when the VerifyHostKeyDNS option is enabled. This option is off by default. - CVE-2025-26466 - sshd(8) in OpenSSH versions 9.5p1 to 9.9p1 (inclusive) is vulnerable to a memory/CPU denial-of-service related to the handling of SSH2_MSG_PING packets. This condition may be mitigated using the existing PerSourcePenalties feature. https://openwall.com/lists/oss-security/2025/02/18/1
diff -rNU3 openssh-9.0p1.old/loginrec.c openssh-9.0p1/loginrec.c
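--- openssh-9.0p1.old/loginrec.c 2022-04-06 02:47:48.000000000 +0200
+++ openssh-9.0p1/loginrec.c 2022-07-11 14:59:44.848827188 +0200
@@ -763,10 +763,6 @@
 set_utmpx_time(li, utx);
 utx->ut_pid = li->pid;
 
- /* strncpy(): Don't necessarily want null termination */
- strncpy(utx->ut_user, li->username,
- MIN_SIZEOF(utx->ut_user, li->username));
-
 if (li->type == LTYPE_LOGOUT)
 return;
 
@@ -775,6 +771,10 @@
 * for logouts.
 */
 
+ /* strncpy(): Don't necessarily want null termination */
+ strncpy(utx->ut_user, li->username,
+ MIN_SIZEOF(utx->ut_user, li->username));
+
 # ifdef HAVE_HOST_IN_UTMPX
 strncpy(utx->ut_host, li->hostname,
 MIN_SIZEOF(utx->ut_host, li->hostname));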
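Review bot: Moving the `ut_user` copy below the `LTYPE_LOGOUT` early return means logout records no longer get the username written, and the patch gives no reason for this. The new position sits under the existing comment that ends in "for logouts", so the intent appears to be a blank field, but that only holds if `utx` was cleared before this point; the clearing is not visible in the hunk and should be confirmed, otherwise stale bytes could land in the session-accounting record. Because utmpx/wtmpx entries are used for login auditing, I would state the intent at the new location, e.g. `/* ut_user is deliberately left unset for logout records; fixed-width field, may lack a NUL terminator */`. The enclosing function starts and ends outside the hunks shown.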