summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2015-08-20 10:02:21 +0100
committerColin Watson <cjwatson@debian.org>2015-08-20 10:35:52 +0100
commitb06b9dabb90d7e2c7361f1db0bf1c59a2322506a (patch)
tree0322a33cf5ab900ec1bdca6e9ad9a1321b908786 /debian/changelog
parent2fb3683b54735e3b99706f0c44dbc9a062ff6987 (diff)
parent4c2916a2d9c0445b41e34805ddfbd7e323cbe6ec (diff)
Let principals-command.sh work for noexec /var/run.
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog4
1 files changed, 3 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog
index d98a173ea..13bb8da42 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -131,7 +131,8 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium
131 - sshd(8): Format UsePAM setting when using sshd -T (closes: #767648). 131 - sshd(8): Format UsePAM setting when using sshd -T (closes: #767648).
132 - moduli(5): Update DH-GEX moduli (closes: #787037). 132 - moduli(5): Update DH-GEX moduli (closes: #787037).
133 * There are some things I want to fix before upgrading to 7.0p1, though I 133 * There are some things I want to fix before upgrading to 7.0p1, though I
134 intend to do that soon. In the meantime, backport security patches: 134 intend to do that soon. In the meantime, backport some patches, mainly
135 to fix security issues:
135 - SECURITY: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be 136 - SECURITY: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be
136 world-writable. Local attackers may be able to write arbitrary 137 world-writable. Local attackers may be able to write arbitrary
137 messages to logged-in users, including terminal escape sequences. 138 messages to logged-in users, including terminal escape sequences.
@@ -152,6 +153,7 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium
152 times in a single pass. The LoginGraceTime timeout in sshd(8) and any 153 times in a single pass. The LoginGraceTime timeout in sshd(8) and any
153 authentication failure delays implemented by the authentication 154 authentication failure delays implemented by the authentication
154 mechanism itself were still applied. Found by Kingcope. 155 mechanism itself were still applied. Found by Kingcope.
156 - Let principals-command.sh work for noexec /var/run.
155 * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the 157 * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the
156 GSSAPI key exchange patch. 158 GSSAPI key exchange patch.
157 * Document the Debian-specific change to the default value of 159 * Document the Debian-specific change to the default value of