File tree Expand file tree Collapse file tree 1 file changed +7
-1
lines changed
Expand file tree Collapse file tree 1 file changed +7
-1
lines changed Original file line number Diff line number Diff line change 99 and earlier. Users of wolfSSH must update or apply the fix patch and it’s
1010 recommended to update credentials used. This fix is also recommended for
1111 wolfSSH server applications. While there aren’t any specific attacks, the
12- same defect is present.
12+ same defect is present. (PR 855)
13+ - [ Medium] CVE-2025 -15382. The function used to clean up a path string may read
14+ one byte off the end of the bounds of the string. The function is used by the
15+ SCP handling in wolfSSH. This affects server applications with wolfSSH
16+ versions 1.4.12 through 1.4.21, inclusive. (PR 859)
1317
1418## New Features
1519
5054
5155## Fixes
5256
57+ - Fix off-by-1 read error when cleaning the file path for SCP and SFTP. (PR
58+ 859 )
5359- Fixed incorrect handling of zero-length SSH strings in packet parsing. (PR
5460 857 )
5561- Fixed a worker-thread deadlock caused by blocked sends preventing
You can’t perform that action at this time.
0 commit comments