Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5.

- CVE-2008-1483: Don't use X11 forwarding port which can't be bound on all address families, preventing hijacking of X11 forwarding by
author: Colin Watson <cjwatson@debian.org> 2008-04-01 13:13:10 +0000
committer: Colin Watson <cjwatson@debian.org> 2008-04-01 13:13:10 +0000
commit: c4858635c52e0af551ff5d603ee83ea9dd50e493 (patch)
tree: 951009d9d2a3de6f12f9702329b2e1fe64fc34ff
parent: 15afba59bef080d540f986583afaec22d2ea3956 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 2836a2902..c46405b33 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+openssh (1:4.7p1-8) UNRELEASED; urgency=low
+  * Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5.
+ -- Colin Watson <cjwatson@debian.org>  Tue, 01 Apr 2008 14:12:43 +0100
 openssh (1:4.7p1-7) unstable; urgency=low
  * Ignore errors writing to oom_adj (closes: #473573).
@@ -17,8 +23,8 @@ openssh (1:4.7p1-5) unstable; urgency=low
  * Document in ssh(1) that '-S none' disables connection sharing
    (closes: #471437).
  * Patch from Red Hat / Fedora:
-    - SECURITY: Don't use X11 forwarding port which can't be bound on all
+    - CVE-2008-1483: Don't use X11 forwarding port which can't be bound on
-      address families, preventing hijacking of X11 forwarding by
+      all address families, preventing hijacking of X11 forwarding by
      unprivileged users when both IPv4 and IPv6 are configured (closes:
      #463011).
  * Use printf rather than echo -en (a bashism) in openssh-server.config and
author	Colin Watson <cjwatson@debian.org>	2008-04-01 13:13:10 +0000
committer	Colin Watson <cjwatson@debian.org>	2008-04-01 13:13:10 +0000
commit	c4858635c52e0af551ff5d603ee83ea9dd50e493 (patch)
tree	951009d9d2a3de6f12f9702329b2e1fe64fc34ff
parent	15afba59bef080d540f986583afaec22d2ea3956 (diff)