SSH 3.1.0 Potential Exploit + FIX

[SoulBlazer <soul () lamp-post net>]

Greetings,

With all the hype about openssh being hackable, and zlib-1.1.3 being a 
potential hole, I believe that perhaps the following has been overlooked.

(/usr/src/build/ssh-3.1.0/lib/zlib)# : more ChangeLog

                ChangeLog file for zlib

Changes in 1.1.3 (9 July 1998)
- fix "an inflate input buffer bu

Heh anyhow I patched ssh 3.1.0 against the newer zlib (1.1.4) and made the 
appropriate adjustments, patch attached.

Cheers,

Shoutouts to galt, FEENiX, wirepair, cylons, lpn, aeonflux, terrorbyt, 
index1, korolev, killahack,cowofdoom,oatmeal.. and any who I missed here.. 
you know who you are. =)

--
Tread lightly, for you address not the storm.. but the force that binds it..

Attachment: zlib-1.1.4-ssh-3.1.0.diff.bz2
Description: