asedeno.scripts.mit.edu Git - PuTTY.git/commit

]> asedeno.scripts.mit.edu Git - PuTTY.git/commit

author	Simon Tatham <anakin@pobox.com>
	Wed, 24 Feb 2016 20:13:10 +0000 (20:13 +0000)
committer	Simon Tatham <anakin@pobox.com>
	Mon, 29 Feb 2016 19:59:37 +0000 (19:59 +0000)
commit	bc6c15ab5f636e05b7e91883f0031a7e06117947
tree	6a6f7e1f173e2523b7a26489cc0625bb208542bb	tree \| snapshot
parent	51586b6f26e81673b85b1840411983865359c156	commit \| diff

Fix vulnerability CVE-2016-2563 in old scp protocol.

There was a rogue sscanf("%s") with no field width limit, targeting a
stack-based buffer, and scanning a string containing untrusted data.
It occurs in the 'sink' side of the protocol, i.e. when downloading
files *from* the server.

Our own bug id for this vulnerability is 'vuln-pscp-sink-sscanf'.

pscp.c

diff | blob | history

local copy of git://git.tartarus.org/simon/putty.git

RSS Atom