diff options
author | Darren Tucker <dtucker@zip.com.au> | 2010-03-07 23:05:17 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2010-03-07 23:05:17 +1100 |
commit | cd70e1b8137023539df57b175b733341d8f4d776 (patch) | |
tree | 03efa18fa906f725b07eee451fe96ec9117a3138 /ChangeLog | |
parent | ac0c4c9c1d511839b2c86ebe5994298b524ceffd (diff) |
- dtucker@cvs.openbsd.org 2010/03/07 11:57:13
[auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
Hold authentication debug messages until after successful authentication.
Fixes an info leak of environment variables specified in authorized_keys,
reported by Jacob Appelbaum. ok djm@
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 6 |
1 files changed, 6 insertions, 0 deletions
@@ -7,6 +7,12 @@ | |||
7 | by permanently_set_uid. | 7 | by permanently_set_uid. |
8 | - (dtucker) [session.c] Also initialize creds to NULL for handing to | 8 | - (dtucker) [session.c] Also initialize creds to NULL for handing to |
9 | setpcred. | 9 | setpcred. |
10 | - (dtucker) OpenBSD CVS Sync | ||
11 | - dtucker@cvs.openbsd.org 2010/03/07 11:57:13 | ||
12 | [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c] | ||
13 | Hold authentication debug messages until after successful authentication. | ||
14 | Fixes an info leak of environment variables specified in authorized_keys, | ||
15 | reported by Jacob Appelbaum. ok djm@ | ||
10 | 16 | ||
11 | 20100305 | 17 | 20100305 |
12 | - OpenBSD CVS Sync | 18 | - OpenBSD CVS Sync |