Implement "strict key exchange" in ssh and sshd.
This adds a protocol extension to improve the integrity of the SSH
transport protocol, particular in and around the initial key exchange
(KEX) phase.
Full details of the extension are in the PROTOCOL file.
OpenBSD-Commit-ID:
2a66ac962f0a630d7945fee54004ed9e9c439f14
Approved by: so (implicit)
Obtained from: https://anongit.mindrot.org/openssh.git/patch/?id=
1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
Security: CVE-2023-48795
Security: FreeBSD-SA-23:19.openssh
(cherry picked from commit
92f58c69a14c0afe910145f177c0e8aeaf9c7da4)
(cherry picked from commit
3bafcb9744c966ff7750357b24fc7942f2d928d4)
projects / FreeBSD / FreeBSD.git / commit