| Errata ID | 440 |
|---|---|
| Date | 2019-02-27 |
| Source package | openssh |
| Fixed in version | 1:7.4p1-10+deb9u5 |
| Description | This update addresses the following issues: * Disallow empty filenames or ones that refer to the current directory (CVE-2018-20685) * Sanitize scp filenames via snmprintf() (CVE-2019-6109) * Check in scp client that filenames sent during remote->local directory copies satisfy the wildcards specified by the user (CVE-2019-6111) |
| Additional notes | |
| CVE ID | CVE-2018-20685 CVE-2019-6109 CVE-2019-6111 |
| UCS Bug number | #48780 |
