author Colin Watson <cjwatson@debian.org> 2005-09-14 14:51:01 +0000
committer Colin Watson <cjwatson@debian.org> 2005-09-14 14:51:01 +0000
commit 2a6f54a2f2f0efe713ee5f6eb9e2099aef0ed516 (patch)
tree d9f508e4ca2d3b236b92f3e88cad00d1ae3be54e
parent 2c5707a233d2219f0e86913de1a741184362657c (diff)
* Annotate 1:4.1p1-1 changelog with CVE references.
- SECURITY (CAN-2005-2797): Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts to be incorrectly activated for dynamic ("-D") port forwardings when no listen address was explicitly specified (closes: #326065).
- SECURITY (CAN-2005-2798): Fix improper delegation of GSSAPI credentials. This code is only built in openssh-krb5, not openssh, but I mention the CVE reference here anyway for completeness.
-rw-r--r-- debian/changelog 16
1 files changed, 13 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index c6cfaae62..5859fd3de 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,19 @@
1openssh (1:4.2p1-2) UNRELEASED; urgency=low
2
3 * Annotate 1:4.1p1-1 changelog with CVE references.
4
5 -- Colin Watson <cjwatson@debian.org> Wed, 14 Sep 2005 15:48:57 +0100
6
1openssh (1:4.2p1-1) unstable; urgency=low 7openssh (1:4.2p1-1) unstable; urgency=low
2 8
3 * New upstream release. 9 * New upstream release.
4 - SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts 10 - SECURITY (CAN-2005-2797): Fix a bug introduced in OpenSSH 4.0 that
5 to be incorrectly activated for dynamic ("-D") port forwardings when 11 caused GatewayPorts to be incorrectly activated for dynamic ("-D")
6 no listen address was explicitly specified (closes: #326065). 12 port forwardings when no listen address was explicitly specified
13 (closes: #326065).
14 - SECURITY (CAN-2005-2798): Fix improper delegation of GSSAPI
15 credentials. This code is only built in openssh-krb5, not openssh, but
16 I mention the CVE reference here anyway for completeness.
7 - Add a new compression method ("Compression delayed") that delays zlib 17 - Add a new compression method ("Compression delayed") that delays zlib
8 compression until after authentication, eliminating the risk of zlib 18 compression until after authentication, eliminating the risk of zlib
9 vulnerabilities being exploited by unauthenticated users. Note that 19 vulnerabilities being exploited by unauthenticated users. Note that