Leo Famulari <[email protected]> skribis: > * gnu/packages/patches/openssh-CVE-2015-8325.patch: New file. > * gnu-system.am (dist_patch_DATA): Add it. > * gnu/packages/ssh.scm (openssh): Use it.
The explanation in the OpenSSH commit log is clear IMO and the fix looks reasonable, so I’d say go for it… … but I can’t seem to find the change in the authoritative repo: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/session.c Am I missing something? Ludo’.
