]> git.ipfire.org Git - thirdparty/openssh-portable.git/commit
projects / thirdparty / openssh-portable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b1c4bf5) | patch
upstream: kbd-interactive device names should be matched against
authordjm@openbsd.org <djm@openbsd.org>
Mon, 29 Sep 2025 02:32:15 +0000 (02:32 +0000)
committerDamien Miller <djm@mindrot.org>
Mon, 29 Sep 2025 03:24:57 +0000 (13:24 +1000)
commitbcd88ded2fff97652d4236405a3354ca66f90f7e
tree90232d143af4ca98eb92dae17f4e2c030b96a1c2tree | snapshot
parentb1c4bf5c2f1c2b30698dbaadc5d823862213f1fccommit | diff
upstream: kbd-interactive device names should be matched against

the full device name, not a prefix. Doesn't matter in practice as there is
only one kbd-int device supported (PAM xor BSD auth), and an attacker would
still need to successfully authenticate against an incorrectly-selected
device.

reported by ashamedbit, NobleMathews; ok deraadt@

OpenBSD-Commit-ID: cf75d4f99405fbb41354c4ae724a3b39a3b58f82
auth2-chall.c diff | blob | blame | history
Mirror of https://github.com/openssh/openssh-portable.git