Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / ab28f5495c85297e7a597c1ba62e996416da7c7e
commitab28f5495c85297e7a597c1ba62e996416da7c7e[log] [tgz]
authorKeun Soo Yim <yim@google.com>Sat Jan 16 02:37:12 2016 -0800
committerKeun Soo Yim <yim@google.com>Sat Jan 16 02:42:26 2016 -0800
tree1891448e4916006295cf504d5e650cc83c1803ca
parentb41c2ea39e0c548081e4466de2cae80b61c24b42 [diff]
forcibly disable roaming support in the client

ssh client security bug fix from
http://www.openssh.com/txt/release-7.1p2

openssh client is installed in gce instances.
although it's private key is not that much sensitive
it's better to land this security patch than not.

reported initially as cve-2016-0777 and cve-2016-0778
(January 14th, 2016)

BUG: 26587626
Change-Id: I113d576a3522ded8cb0f4a2e117999b0c51d4364
2 files changed
tree: 1891448e4916006295cf504d5e650cc83c1803ca
  1. contrib/
  2. openbsd-compat/
  3. aclocal.m4
  4. addrmatch.c
  5. Android.mk
  6. atomicio.c
  7. atomicio.h
  8. audit-bsm.c
  9. audit-linux.c
  10. audit.c
  11. audit.h
  12. auth-bsdauth.c
  13. auth-chall.c
  14. auth-krb5.c
  15. auth-options.c
  16. auth-options.h
  17. auth-pam.c
  18. auth-pam.h
  19. auth-passwd.c
  20. auth-rh-rsa.c
  21. auth-rhosts.c
  22. auth-rsa.c
  23. auth-shadow.c
  24. auth-sia.c
  25. auth-sia.h
  26. auth-skey.c
  27. auth.c
  28. auth.h
  29. auth1.c
  30. auth2-chall.c
  31. auth2-gss.c
  32. auth2-hostbased.c
  33. auth2-kbdint.c
  34. auth2-none.c
  35. auth2-passwd.c
  36. auth2-pubkey.c
  37. auth2.c
  38. authfd.c
  39. authfd.h
  40. authfile.c
  41. authfile.h
  42. bitmap.c
  43. bitmap.h
  44. blocks.c
  45. bufaux.c
  46. bufbn.c
  47. bufec.c
  48. buffer.c
  49. buffer.h
  50. buildpkg.sh.in
  51. canohost.c
  52. canohost.h
  53. chacha.c
  54. chacha.h
  55. ChangeLog
  56. channels.c
  57. channels.h
  58. cipher-3des1.c
  59. cipher-aes.c
  60. cipher-aesctr.c
  61. cipher-aesctr.h
  62. cipher-bf1.c
  63. cipher-chachapoly.c
  64. cipher-chachapoly.h
  65. cipher-ctr.c
  66. cipher.c
  67. cipher.h
  68. cleanup.c
  69. clientloop.c
  70. clientloop.h
  71. compat.c
  72. compat.h
  73. config.guess
  74. config.h
  75. config.h.in
  76. config.sub
  77. configure
  78. configure.ac
  79. crc32.c
  80. crc32.h
  81. CREDITS
  82. crypto_api.h
  83. deattack.c
  84. deattack.h
  85. defines.h
  86. dh.c
  87. dh.h
  88. digest-libc.c
  89. digest-openssl.c
  90. digest.h
  91. dispatch.c
  92. dispatch.h
  93. dns.c
  94. dns.h
  95. ed25519.c
  96. entropy.c
  97. entropy.h
  98. fatal.c
  99. fe25519.c
  100. fe25519.h
  101. fixalgorithms
  102. fixpaths
  103. fixprogs
  104. ge25519.c
  105. ge25519.h
  106. ge25519_base.data
  107. groupaccess.c
  108. groupaccess.h
  109. gss-genr.c
  110. gss-serv-krb5.c
  111. gss-serv.c
  112. hash.c
  113. hmac.c
  114. hmac.h
  115. hostfile.c
  116. hostfile.h
  117. includes.h
  118. INSTALL
  119. install-sh
  120. kex.c
  121. kex.h
  122. kexc25519.c
  123. kexc25519c.c
  124. kexc25519s.c
  125. kexdh.c
  126. kexdhc.c
  127. kexdhs.c
  128. kexecdh.c
  129. kexecdhc.c
  130. kexecdhs.c
  131. kexgex.c
  132. kexgexc.c
  133. kexgexs.c
  134. key.c
  135. key.h
  136. krl.c
  137. krl.h
  138. LICENCE
  139. log.c
  140. log.h
  141. loginrec.c
  142. loginrec.h
  143. logintest.c
  144. mac.c
  145. mac.h
  146. Makefile.in
  147. match.c
  148. match.h
  149. md-sha256.c
  150. md5crypt.c
  151. md5crypt.h
  152. mdoc2man.awk
  153. misc.c
  154. misc.h
  155. mkinstalldirs
  156. moduli
  157. moduli.0
  158. moduli.5
  159. moduli.c
  160. monitor.c
  161. monitor.h
  162. monitor_fdpass.c
  163. monitor_fdpass.h
  164. monitor_mm.c
  165. monitor_mm.h
  166. monitor_wrap.c
  167. monitor_wrap.h
  168. msg.c
  169. msg.h
  170. mux.c
  171. myproposal.h
  172. nchan.c
  173. nchan.ms
  174. nchan2.ms
  175. opacket.c
  176. opacket.h
  177. openssh.xml.in
  178. opensshd.init.in
  179. OVERVIEW
  180. packet.c
  181. packet.h
  182. pathnames.h
  183. pkcs11.h
  184. platform.c
  185. platform.h
  186. poly1305.c
  187. poly1305.h
  188. progressmeter.c
  189. progressmeter.h
  190. PROTOCOL
  191. PROTOCOL.agent
  192. PROTOCOL.certkeys
  193. PROTOCOL.chacha20poly1305
  194. PROTOCOL.key
  195. PROTOCOL.krl
  196. PROTOCOL.mux
  197. readconf.c
  198. readconf.h
  199. README
  200. README.dns
  201. README.platform
  202. README.privsep
  203. README.tun
  204. README.version
  205. readpass.c
  206. rijndael.c
  207. rijndael.h
  208. roaming.h
  209. roaming_client.c
  210. roaming_common.c
  211. roaming_dummy.c
  212. roaming_serv.c
  213. rsa.c
  214. rsa.h
  215. sandbox-capsicum.c
  216. sandbox-darwin.c
  217. sandbox-null.c
  218. sandbox-rlimit.c
  219. sandbox-seccomp-filter.c
  220. sandbox-systrace.c
  221. sc25519.c
  222. sc25519.h
  223. scp.0
  224. scp.1
  225. scp.c
  226. servconf.c
  227. servconf.h
  228. serverloop.c
  229. serverloop.h
  230. session.c
  231. session.h
  232. sftp-client.c
  233. sftp-client.h
  234. sftp-common.c
  235. sftp-common.h
  236. sftp-glob.c
  237. sftp-server-main.c
  238. sftp-server.0
  239. sftp-server.8
  240. sftp-server.c
  241. sftp.0
  242. sftp.1
  243. sftp.c
  244. sftp.h
  245. smult_curve25519_ref.c
  246. ssh-add.0
  247. ssh-add.1
  248. ssh-add.c
  249. ssh-agent.0
  250. ssh-agent.1
  251. ssh-agent.c
  252. ssh-dss.c
  253. ssh-ecdsa.c
  254. ssh-ed25519.c
  255. ssh-gss.h
  256. ssh-keygen.0
  257. ssh-keygen.1
  258. ssh-keygen.c
  259. ssh-keyscan.0
  260. ssh-keyscan.1
  261. ssh-keyscan.c
  262. ssh-keysign.0
  263. ssh-keysign.8
  264. ssh-keysign.c
  265. ssh-pkcs11-client.c
  266. ssh-pkcs11-helper.0
  267. ssh-pkcs11-helper.8
  268. ssh-pkcs11-helper.c
  269. ssh-pkcs11.c
  270. ssh-pkcs11.h
  271. ssh-rsa.c
  272. ssh-sandbox.h
  273. ssh.0
  274. ssh.1
  275. ssh.c
  276. ssh.h
  277. ssh1.h
  278. ssh2.h
  279. ssh_api.c
  280. ssh_api.h
  281. ssh_config
  282. ssh_config.0
  283. ssh_config.5
  284. sshbuf-getput-basic.c
  285. sshbuf-getput-crypto.c
  286. sshbuf-misc.c
  287. sshbuf.c
  288. sshbuf.h
  289. sshconnect.c
  290. sshconnect.h
  291. sshconnect1.c
  292. sshconnect2.c
  293. sshd.0
  294. sshd.8
  295. sshd.c
  296. sshd_config
  297. sshd_config.0
  298. sshd_config.5
  299. sshd_config.android
  300. ssherr.c
  301. ssherr.h
  302. sshkey.c
  303. sshkey.h
  304. sshlogin.c
  305. sshlogin.h
  306. sshpty.c
  307. sshpty.h
  308. sshtty.c
  309. start-ssh
  310. survey.sh.in
  311. TODO
  312. ttymodes.c
  313. ttymodes.h
  314. uidswap.c
  315. uidswap.h
  316. umac.c
  317. umac.h
  318. umac128.c
  319. uuencode.c
  320. uuencode.h
  321. verify.c
  322. version.h
  323. xmalloc.c
  324. xmalloc.h