diff options
| author | Colin Watson <cjwatson@debian.org> | 2010-05-22 23:37:08 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2010-05-22 23:37:08 +0100 |
| commit | fd8ccdb64c4b65092d8bac720e17068e5ef31881 (patch) | |
| tree | bd019e95cdebce817daeec5403d64ebb13b58dfb /debian/changelog | |
| parent | d61e316833eb7d05b0b5c937bfce8ee0f19dc7cb (diff) | |
Check primary group memberships as well as supplementary group
memberships, and only allow group-writability by groups with exactly one
member, as zero-member groups are typically used by setgid binaries
rather than being user-private groups (closes: #581697).
Diffstat (limited to 'debian/changelog')
| -rw-r--r-- | debian/changelog | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index a27f3b57f..60d985e2f 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -9,6 +9,10 @@ openssh (1:5.5p1-4) UNRELEASED; urgency=low | |||
| 9 | group-writable, provided that the group in question contains only the | 9 | group-writable, provided that the group in question contains only the |
| 10 | file's owner; this extends a patch previously applied to ~/.ssh/config | 10 | file's owner; this extends a patch previously applied to ~/.ssh/config |
| 11 | (closes: #581919). | 11 | (closes: #581919). |
| 12 | * Check primary group memberships as well as supplementary group | ||
| 13 | memberships, and only allow group-writability by groups with exactly one | ||
| 14 | member, as zero-member groups are typically used by setgid binaries | ||
| 15 | rather than being user-private groups (closes: #581697). | ||
| 12 | 16 | ||
| 13 | -- Colin Watson <cjwatson@debian.org> Tue, 04 May 2010 13:32:17 +0100 | 17 | -- Colin Watson <cjwatson@debian.org> Tue, 04 May 2010 13:32:17 +0100 |
| 14 | 18 | ||