diff options
author | Colin Watson <cjwatson@debian.org> | 2016-01-14 15:07:15 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2016-01-14 15:27:10 +0000 |
commit | 4810a3bdc4fe716b6ea91518e920785e4af83a26 (patch) | |
tree | 37a1d7f0ab88c9b3160d1dc35642c4f050f00662 /debian/changelog | |
parent | 384abfcda5999e864f1de256f90e4479ccbeabd5 (diff) | |
parent | 003a875a474100d250b6643270ef3874da6591d8 (diff) |
New upstream release (7.1p2).
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 51d296c5e..86ea183ef 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,19 @@ | |||
1 | openssh (1:7.1p2-1) UNRELEASED; urgency=high | ||
2 | |||
3 | * New upstream release (http://www.openssh.com/txt/release-7.1p2): | ||
4 | - CVE-2016-0777, CVE-2016-0778: Disable experimental client-side support | ||
5 | for roaming, which could be tricked by a malicious server into leaking | ||
6 | client memory to the server, including private client user keys; this | ||
7 | information leak is restricted to connections to malicious or | ||
8 | compromised servers (closes: #810984). | ||
9 | - SECURITY: Fix an out of-bound read access in the packet handling code. | ||
10 | Reported by Ben Hawkes. | ||
11 | - Further use of explicit_bzero has been added in various buffer | ||
12 | handling code paths to guard against compilers aggressively doing | ||
13 | dead-store removal. | ||
14 | |||
15 | -- Colin Watson <cjwatson@debian.org> Thu, 14 Jan 2016 15:08:21 +0000 | ||
16 | |||
1 | openssh (1:7.1p1-6) unstable; urgency=medium | 17 | openssh (1:7.1p1-6) unstable; urgency=medium |
2 | 18 | ||
3 | [ Colin Watson ] | 19 | [ Colin Watson ] |