summaryrefslogtreecommitdiff
path: root/debian/changelog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2016-01-14 15:07:15 +0000
committerColin Watson <cjwatson@debian.org>2016-01-14 15:27:10 +0000
commit4810a3bdc4fe716b6ea91518e920785e4af83a26 (patch)
tree37a1d7f0ab88c9b3160d1dc35642c4f050f00662 /debian/changelog
parent384abfcda5999e864f1de256f90e4479ccbeabd5 (diff)
parent003a875a474100d250b6643270ef3874da6591d8 (diff)
New upstream release (7.1p2).
Diffstat (limited to 'debian/changelog')
-rw-r--r--debian/changelog16
1 files changed, 16 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 51d296c5e..86ea183ef 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,19 @@
1openssh (1:7.1p2-1) UNRELEASED; urgency=high
2
3 * New upstream release (http://www.openssh.com/txt/release-7.1p2):
4 - CVE-2016-0777, CVE-2016-0778: Disable experimental client-side support
5 for roaming, which could be tricked by a malicious server into leaking
6 client memory to the server, including private client user keys; this
7 information leak is restricted to connections to malicious or
8 compromised servers (closes: #810984).
9 - SECURITY: Fix an out of-bound read access in the packet handling code.
10 Reported by Ben Hawkes.
11 - Further use of explicit_bzero has been added in various buffer
12 handling code paths to guard against compilers aggressively doing
13 dead-store removal.
14
15 -- Colin Watson <cjwatson@debian.org> Thu, 14 Jan 2016 15:08:21 +0000
16
1openssh (1:7.1p1-6) unstable; urgency=medium 17openssh (1:7.1p1-6) unstable; urgency=medium
2 18
3 [ Colin Watson ] 19 [ Colin Watson ]