From: Damien Miller (djmcvs.openbsd.org)
Date: Sun Sep 19 2010 - 23:50:53 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

CVSROOT: /cvs
Module name: src
Changes by: djmcvs.openbsd.org 2010/09/19 22:50:53

Modified files:
        usr.bin/ssh : jpake.c schnorr.c

Log message:
check that received values are smaller than the group size in the
disabled and unfinished J-PAKE code.

avoids catastrophic security failure found by Sebastien Martini

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]