Add a couple of SECURITY: tags.

1 files changed, 8 insertions, 7 deletions

diff --git a/debian/changelog b/debian/changelog
index 252bc394f..d8745c0e5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -136,14 +136,15 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium
       world-writable.  Local attackers may be able to write arbitrary
       messages to logged-in users, including terminal escape sequences.
       Reported by Nikolay Edigaryev.
-    - sshd(8): Fixed a privilege separation weakness related to PAM support.
-      Attackers who could successfully compromise the pre-authentication
-      process for remote code execution and who had valid credentials on the
-      host could impersonate other users.  Reported by Moritz Jodeit.
-    - sshd(8): Fixed a use-after-free bug related to PAM support that was
-      reachable by attackers who could compromise the pre-authentication
-      process for remote code execution (closes: #795711).  Also reported by
+    - SECURITY: sshd(8): Fixed a privilege separation weakness related to
+      PAM support.  Attackers who could successfully compromise the
+      pre-authentication process for remote code execution and who had valid
+      credentials on the host could impersonate other users.  Reported by
       Moritz Jodeit.
+    - SECURITY: sshd(8): Fixed a use-after-free bug related to PAM support
+      that was reachable by attackers who could compromise the
+      pre-authentication process for remote code execution (closes:
+      #795711).  Also reported by Moritz Jodeit.
     - CVE-2015-5600: sshd(8): Fix circumvention of MaxAuthTries using
       keyboard-interactive authentication (closes: #793616).  By specifying
       a long, repeating keyboard-interactive "devices" string, an attacker