diff options
author | Colin Watson <cjwatson@debian.org> | 2015-08-20 10:02:21 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2015-08-20 10:35:52 +0100 |
commit | b06b9dabb90d7e2c7361f1db0bf1c59a2322506a (patch) | |
tree | 0322a33cf5ab900ec1bdca6e9ad9a1321b908786 /debian/changelog | |
parent | 2fb3683b54735e3b99706f0c44dbc9a062ff6987 (diff) | |
parent | 4c2916a2d9c0445b41e34805ddfbd7e323cbe6ec (diff) |
Let principals-command.sh work for noexec /var/run.
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/debian/changelog b/debian/changelog index d98a173ea..13bb8da42 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -131,7 +131,8 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium | |||
131 | - sshd(8): Format UsePAM setting when using sshd -T (closes: #767648). | 131 | - sshd(8): Format UsePAM setting when using sshd -T (closes: #767648). |
132 | - moduli(5): Update DH-GEX moduli (closes: #787037). | 132 | - moduli(5): Update DH-GEX moduli (closes: #787037). |
133 | * There are some things I want to fix before upgrading to 7.0p1, though I | 133 | * There are some things I want to fix before upgrading to 7.0p1, though I |
134 | intend to do that soon. In the meantime, backport security patches: | 134 | intend to do that soon. In the meantime, backport some patches, mainly |
135 | to fix security issues: | ||
135 | - SECURITY: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be | 136 | - SECURITY: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be |
136 | world-writable. Local attackers may be able to write arbitrary | 137 | world-writable. Local attackers may be able to write arbitrary |
137 | messages to logged-in users, including terminal escape sequences. | 138 | messages to logged-in users, including terminal escape sequences. |
@@ -152,6 +153,7 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium | |||
152 | times in a single pass. The LoginGraceTime timeout in sshd(8) and any | 153 | times in a single pass. The LoginGraceTime timeout in sshd(8) and any |
153 | authentication failure delays implemented by the authentication | 154 | authentication failure delays implemented by the authentication |
154 | mechanism itself were still applied. Found by Kingcope. | 155 | mechanism itself were still applied. Found by Kingcope. |
156 | - Let principals-command.sh work for noexec /var/run. | ||
155 | * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the | 157 | * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the |
156 | GSSAPI key exchange patch. | 158 | GSSAPI key exchange patch. |
157 | * Document the Debian-specific change to the default value of | 159 | * Document the Debian-specific change to the default value of |