[kirkstone] openssh: fix CVE-2023-28531

Return-Path: <Qi.Chen@windriver.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 08092C76195
	for <webhook@archiver.kernel.org>; Tue, 28 Mar 2023 08:42:05 +0000 (UTC)
Received: from mx0a-0064b401.pphosted.com (mx0a-0064b401.pphosted.com
 [205.220.166.238])
 by mx.groups.io with SMTP id smtpd.web11.61358.1679992918732990272
 for <openembedded-core@lists.openembedded.org>;
 Tue, 28 Mar 2023 01:41:58 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@windriver.com header.s=pps06212021 header.b=dhnX1+4y;
 spf=permerror,
 err=parse error for token &{10 18 %{ir}.%{v}.%{d}.spf.has.pphosted.com}:
 invalid domain name (domain: windriver.com, ip: 205.220.166.238,
 mailfrom: prvs=24515f2299=qi.chen@windriver.com)
Received: from pps.filterd (m0250810.ppops.net [127.0.0.1])
	by mx0a-0064b401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 32S5R850023563
	for <openembedded-core@lists.openembedded.org>;
 Tue, 28 Mar 2023 01:41:58 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=windriver.com;
 h=from : to :
 subject : date : message-id : content-transfer-encoding : content-type :
 mime-version; s=PPS06212021;
 bh=ym60mTsjeU8uURci2V6e/6ZwiHt0ZrTQ65mTpgKFxmI=;
 b=dhnX1+4yOeDiurl1TBQOPtEvoGahZUS+pQ4FXdjzkt7bP2rhfsEcsYvGJVeSbTlgoc6i
 OunK3I2mhh4yNS5AkqjMpVswtdYCKetbMcHCY4hR5pZU9TVRIuyV8KTndG0DS8mVLHDG
 InCZackM+QQotEwXLrwHdlQolL5NU4CjXdN7zEZ7N571Pl0RRfGYy9DdPMyN9SoqYClU
 9AfyKtuV8Vi0qrmTH58qEGxiORiqubbrGOuGsO7M61PPn9Z/dioLNu3qTn4sJCXzzXcG
 9D5GRIDzfkMeYyuE1WGXg//kiU2IbeB4A7K2nHgveOjvLwjhtgzNlfPvX1jYas1uldsN Qw==
Received: from nam10-bn7-obe.outbound.protection.outlook.com
 (mail-bn7nam10lp2100.outbound.protection.outlook.com [104.47.70.100])
	by mx0a-0064b401.pphosted.com (PPS) with ESMTPS id 3phv85ttp4-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
	for <openembedded-core@lists.openembedded.org>;
 Tue, 28 Mar 2023 01:41:58 -0700
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=gHXd+9mEdnhTodKnKuiferL/YMJ59h3bYLGjGglBV2BqxucwIZf/nbXEBlbX7zsUtWB+PU3Y94HHqb2QTk8KF+npu40I3tzKHogmA4h8OTBR3vpFTLZWe/s/NvMIAnuOvjj66KCrW2TKvJ0EC9P9/NieQDv4d0FdiQhKt8ODDAAH255VSy9YjlYuYhHvkTeNUjVSnnt19VqTnPRBnq5sR7gNatWZ84LF8KVyLsZJt7DLF5eqrZmq5+UPaC0Nky1tKhIj/+rxD06GIFg4+Sk+QCszAlSiYPqA29zgevoys9n+hevyWf5rpEshqImtyonx5yap1KF4RtO6UX40vvMENg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=ym60mTsjeU8uURci2V6e/6ZwiHt0ZrTQ65mTpgKFxmI=;
 b=gfqge5NIIp487s0NcA/07n3cqOLEM7uMOeIs1pyPadzNdQe/FNCMECkBdX7EXsl1XOiVtQ4rJIVJkSM1kU6E6I+qp5VaiEoMSEEDAzMANn+LC5Kfo2VcpLyZFeQaPSoAwrrvZfgVe/177WsaKOudIAQ4Y7PWDw+qsXsAm/TInkcbfykeJGRh0CFiRwAGc5bOZaxRXSI0WKIrs4REenifiHDrLdq6i3hvvUDuD+7fSmXMWzzsjlPSvdDFSjeQXxggj25rjNiCiedb7Ypi8/i/80k5lYpXTLbCbyhJ36sLd4zI5O7WPR8GE6SQ2kQvdXsXrhcK79T1uqBbXj8zQ4f9JQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=windriver.com; dmarc=pass action=none
 header.from=windriver.com; dkim=pass header.d=windriver.com; arc=none
Received: from CO6PR11MB5602.namprd11.prod.outlook.com (2603:10b6:303:13a::5)
 by DM4PR11MB6501.namprd11.prod.outlook.com (2603:10b6:8:88::6) with Microsoft
 SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.6222.30; Tue, 28 Mar 2023 08:41:53 +0000
Received: from CO6PR11MB5602.namprd11.prod.outlook.com
 ([fe80::ab37:4985:7b95:2b95]) by CO6PR11MB5602.namprd11.prod.outlook.com
 ([fe80::ab37:4985:7b95:2b95%6]) with mapi id 15.20.6222.033; Tue, 28 Mar 2023
 08:41:53 +0000
From: Chen Qi <Qi.Chen@windriver.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone][PATCH] openssh: fix CVE-2023-28531
Date: Tue, 28 Mar 2023 01:41:41 -0700
Message-Id: <20230328084141.49802-1-Qi.Chen@windriver.com>
X-Mailer: git-send-email 2.37.1
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-ClientProxiedBy: SJ0P220CA0010.NAMP220.PROD.OUTLOOK.COM
 (2603:10b6:a03:41b::14) To CO6PR11MB5602.namprd11.prod.outlook.com
 (2603:10b6:303:13a::5)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: CO6PR11MB5602:EE_|DM4PR11MB6501:EE_
X-MS-Office365-Filtering-Correlation-Id: afd98772-d084-4ce7-eaee-08db2f684772
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	jC4D4hK/8oG607jfL0mE7qBqccN1kYju8F+0ex1H8LhLrl888rkmaT8E68hAt9morIPo2r7Rk1zA+Qvvoq0KjB7gX9ALYmypo5SNC7xkknpyUn7HS15IhoIRF/QdzMMKGfdi6LGWVNpD7wHrV07pXa/iBs3fDysymdZKXzylAxQwaLehzVrw/PddW6mOWE781vOCfHrk1jiRQ0AqHIqpjBU2bc5DzmN88mquuJxV154+n9hG/ZgZNKR3mhxcIV/nvbxwSkUb8uQgN1lFICHUQQ7mFldhlvTUGnMLGzvvBkF3p/+ja8xS9A/4JIdSrB13sE82u8POnoc9PS528eO1qaQb7tlM7WFiEJ4GQ0N3Cyy1rIzVfyM+Kj7PbKWkxLa6TAcS5YQxwNx1bRrZk9kVZM/bvsRZ/zrykwXJ28OvC++uuP8cmH9HLgzQ5ky03TBcL1wDwn8LvyfYpLU3kz4XsAbv9teIvcZOgsUUa6sq9qiNq4ep8xexnhZyOClqM+gaVFakLVrsOI7+NHFgiJa4ggN2StX2/vcCMasjELp5nYvIUTkr7kOvHbrNKIdnbYjLNjxDeFRQeE1kuA8qQOYbVXtXszZtmTi79DkJZUl1b1k=
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CO6PR11MB5602.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230028)(4636009)(396003)(376002)(39850400004)(366004)(136003)(346002)(451199021)(316002)(478600001)(8936002)(86362001)(36756003)(5660300002)(38350700002)(2906002)(38100700002)(66476007)(6916009)(8676002)(66946007)(66556008)(41300700001)(1076003)(6666004)(186003)(6506007)(26005)(6512007)(2616005)(83380400001)(52116002)(6486002);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 0Z6xORbccKjxv97iyihH9EGFzFnEyy7G4GsqCnxBDf5ThJXCesswg96x05Grvp5wHCkUBHY1RVix9tJliZlkdFoIGS2bPGpFW7Ls92jjpqtjuIL9wJ5D3OZ+j2v82e+oNwiA5XYIWWzQpmha8Wz3XTKp0REbslhDNnGhMe61vvZo4cIgXVYLV16NSIPAWMOR5pqtn5IQVFzGN4VzJWfJq+GeyElVJMhnv0xGp6LbfI+SMUyw/rU7RaCbkvlNX7vYeuhOcVG38YQfooiWFMfsQau9nly7mI3+hxh4oLPTYric0qZBSVfqrAe0C1fOwxgy9Dmvz/LVPOyo6hZxXX4ZeUanBSNw57BAq3aEGsNKqVE8MGxSMFvPkUhskJfHWv6U4UBipbC6UTcGP97cklqxCZxRLYKL9frUxelz/6rL2B+Uoz+4k7pTl21FtU5LkN0btuTAZBTlZ0nM6lgqhJysgUhacNLow5yQg88WQ+o5N/IFdmM5xahnz3kgMl+6RZ7lFUJzXXObMEsWr41fYEIoZ4gbO9zNxYg7QygrE2pKYTXsQGBO0QPm9bXxpLj6UAGo9M+zmybX9k6zZTXIk1mi9k1QgWsStVKR2kKPGXtHLRC5zfn/ZFi31aYzkhYejhGYSVPbIRwwDDEv3kNSMkDTZChwbn8UFv9ffmgBEmCvbUdvaZTy1G5I5N5LzFVXYssMICD5N7T4KP8LrBETZqxlqnePKir06aDgK2egCyD/K2nIxV/poNnh7WEMi6hVKZSWzj+HDmQuiV6f/+HwM2BwZTXbJuHtHyezslKjEucPaB3HdwjggbjHgzLzB1xokl3oTRGKrFOqNwCZpvj3f6AbWSCeKvamfNIQp6abwSls/KeGzLFEpo6r4GaKR5nNCCFyoRby9E/OBPVuTTDWWDoIDLiYAnF2ea4cvpYvb+uRDR+WGveKNUVRQaW5tZmfhmGZ8wvr0oTj3/W39j8SFNcTech6j9mVK5oYyP1egCjaGMAdgGHn8+/SXbcdnAj8w7ddYeDkmT/MjSDhETLJSfyCCajv1oj5oZ71IE0MTqMa76vd+KN6l8s6k0QD6ae9V7rDfFTqYfRAyFe2kRJkNszrw+Jo2I8vxW7x0hGHUoMTaleD76GaCo4WD+oJGwM5S0rqPPsDkFKSK+sFj0HCua3XosAfmvDb2zofXyayzLx8/eZMFIMn7rf4U+tRgpLK/pLOE+2jbR1G3g9fzU8aRqf/dlF+MPhV3GTyCLOARz4AWILHPab/0qErgI73rRF34H1is/O/tQZgMK406tkQteimr4MhO/BSTaYaJBqi9USi7t9b34+kz49QF3whHbD1dV1an3hu/8ICne8XQESquKDaoB3qPOjVIPTt63in6TRpBgvOlDlHE/rhvHscU1EMuwD0ybTg1HCErxO/oDn50il9g9Xlh3ry/0el63C4h7ZeuLkKXhOQaWsgyGk/yrpNAipdcs4wESDrv/XaPLpmPb2CpIF9WXHmciPFQQoH6SPbTnurrcfigw5kAnUN/oLvzZhalBXPgwoTTJoTvXp+MpQLG+kf2Xe51ECWtK/KLC0o2twMsPQdW9Gy6JmLwwwCSE6umuYimuHgCKwjjoh38EFyxA==
X-OriginatorOrg: windriver.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 afd98772-d084-4ce7-eaee-08db2f684772
X-MS-Exchange-CrossTenant-AuthSource: CO6PR11MB5602.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Mar 2023 08:41:52.6127
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 8ddb2873-a1ad-4a18-ae4e-4644631433be
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 3NszlDNWeZ2aMyM5gMSu3TG7YEPkPtXeLK3Y1yHiqGhQjhsOPL3smAAF3tThzBEqVLFM1wPU2DgTR2THCi3rFw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM4PR11MB6501
X-Proofpoint-GUID: pW0KAjGSA-x1zSSryrpnnISNiWuthM7m
X-Proofpoint-ORIG-GUID: pW0KAjGSA-x1zSSryrpnnISNiWuthM7m
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.254,Aquarius:18.0.942,Hydra:6.0.573,FMLib:17.11.170.22
 definitions=2023-03-24_11,2023-03-27_02,2023-02-09_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
 suspectscore=0 malwarescore=0
 adultscore=0 clxscore=1015 mlxlogscore=999 bulkscore=0 spamscore=0
 impostorscore=0 phishscore=0 mlxscore=0 priorityscore=1501
 lowpriorityscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.12.0-2303200000 definitions=main-2303280072
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Tue, 28 Mar 2023 08:42:05 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/179213