mirror of
https://github.com/openbsd/ports.git
synced 2026-06-18 15:33:55 +02:00
sthen
0a52fb73a5
- Security: Avoid privilege escalation via unix stream forwarding in Dropbear server. Other programs on a system may authenticate unix sockets via SO_PEERCRED, which would be root user for Dropbear forwarded connections - Security: Include scp fix for CVE-2019-6111. This allowed a malicious server to overwrite arbitrary local files. - Don't limit channel window to 500MB. That is could cause stuck connections if peers advise a large window and don't send an increment within 500MB. Affects SSH.NET https://github.com/sshnet/SSH.NET/issues/1671 and some others