Antonio Larrosa
45f6d17800
package existed for a brief period of time during SLE 15 SP6/
Leap 15.6 development but even if it was removed from the
repositories before GM, some users might have it in their
systems from having tried a beta/RC release (boo#1227350).
quoting was present in the user-supplied ssh_config(5) directive
(bsc#1218215, CVE-2023-51385).
OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=270
20 lines
685 B
Diff
20 lines
685 B
Diff
--- openssh-8.4p1.orig/auth-pam.c 2020-09-27 09:25:01.000000000 +0200
|
|
+++ openssh-8.4p1/auth-pam.c 2022-03-04 13:02:23.447712697 +0100
|
|
@@ -638,10 +638,12 @@
|
|
switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
|
|
case PAM_ERROR_MSG:
|
|
case PAM_TEXT_INFO:
|
|
- if ((r = sshbuf_putf(loginmsg, "%s\n",
|
|
- PAM_MSG_MEMBER(msg, i, msg))) != 0)
|
|
- fatal("%s: buffer error: %s",
|
|
- __func__, ssh_err(r));
|
|
+ if (strlen(PAM_MSG_MEMBER(msg, i, msg)) != 0) {
|
|
+ if ((r = sshbuf_putf(loginmsg, "%s\n",
|
|
+ PAM_MSG_MEMBER(msg, i, msg))) != 0)
|
|
+ fatal("%s: buffer error: %s",
|
|
+ __func__, ssh_err(r));
|
|
+ }
|
|
reply[i].resp_retcode = PAM_SUCCESS;
|
|
break;
|
|
default:
|