projects / openwrt / staging / ynezz.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 08ef207) | patch
dropbear: Fix CVE-2020-36254
authorHauke Mehrtens <hauke@hauke-m.de>
Sun, 2 May 2021 15:35:16 +0000 (17:35 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Mon, 3 May 2021 18:08:53 +0000 (20:08 +0200)
commita883e3af386a6aef80fae14facbf1981eb8e91bc
tree491f53ffcffa43248d871b81bc96804f2db591d8tree | snapshot
parent08ef2073d416214a0f7edf02aefa32d4107e4c1ccommit | diff
dropbear: Fix CVE-2020-36254

This backports a fix from dropbear 2020.81.
CVE-2020-36254 description:
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
package/network/services/dropbear/patches/001-fix-CVE-2020-36254.patch [new file with mode: 0644] blob
Staging tree of Petr Stetiar