summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2005-09-14 14:51:01 +0000
committerColin Watson <cjwatson@debian.org>2005-09-14 14:51:01 +0000
commit2a6f54a2f2f0efe713ee5f6eb9e2099aef0ed516 (patch)
treed9f508e4ca2d3b236b92f3e88cad00d1ae3be54e /debian/changelog
parent2c5707a233d2219f0e86913de1a741184362657c (diff)
* Annotate 1:4.1p1-1 changelog with CVE references.
- SECURITY (CAN-2005-2797): Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts to be incorrectly activated for dynamic ("-D") port forwardings when no listen address was explicitly specified (closes: #326065). - SECURITY (CAN-2005-2798): Fix improper delegation of GSSAPI credentials. This code is only built in openssh-krb5, not openssh, but I mention the CVE reference here anyway for completeness.
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog16
1 files changed, 13 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index c6cfaae62..5859fd3de 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,9 +1,19 @@
1openssh (1:4.2p1-2) UNRELEASED; urgency=low
2
3 * Annotate 1:4.1p1-1 changelog with CVE references.
4
5 -- Colin Watson <cjwatson@debian.org> Wed, 14 Sep 2005 15:48:57 +0100
6
1openssh (1:4.2p1-1) unstable; urgency=low 7openssh (1:4.2p1-1) unstable; urgency=low
2 8
3 * New upstream release. 9 * New upstream release.
4 - SECURITY: Fix a bug introduced in OpenSSH 4.0 that caused GatewayPorts 10 - SECURITY (CAN-2005-2797): Fix a bug introduced in OpenSSH 4.0 that
5 to be incorrectly activated for dynamic ("-D") port forwardings when 11 caused GatewayPorts to be incorrectly activated for dynamic ("-D")
6 no listen address was explicitly specified (closes: #326065). 12 port forwardings when no listen address was explicitly specified
13 (closes: #326065).
14 - SECURITY (CAN-2005-2798): Fix improper delegation of GSSAPI
15 credentials. This code is only built in openssh-krb5, not openssh, but
16 I mention the CVE reference here anyway for completeness.
7 - Add a new compression method ("Compression delayed") that delays zlib 17 - Add a new compression method ("Compression delayed") that delays zlib
8 compression until after authentication, eliminating the risk of zlib 18 compression until after authentication, eliminating the risk of zlib
9 vulnerabilities being exploited by unauthenticated users. Note that 19 vulnerabilities being exploited by unauthenticated users. Note that