diff options
author | Colin Watson <cjwatson@debian.org> | 2015-08-19 18:09:02 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2015-08-19 18:09:02 +0100 |
commit | a608a63196dbda54e9bdd656baa253c56e76bace (patch) | |
tree | 1feaebcaaa3cb6adfcef60ea8978d2d77ccdaeb4 /debian/changelog | |
parent | 10da4133c011a9f07e108043046e73f981d87b65 (diff) |
Fill in CVE-2015-5352 identifier and close #790798.
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index e77d3462a..6c851b644 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -64,12 +64,13 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium | |||
64 | formats. | 64 | formats. |
65 | - ssh-keygen(1): Fix KRL generation bug when multiple CAs are in use. | 65 | - ssh-keygen(1): Fix KRL generation bug when multiple CAs are in use. |
66 | * New upstream release (http://www.openssh.com/txt/release-6.9): | 66 | * New upstream release (http://www.openssh.com/txt/release-6.9): |
67 | - SECURITY: ssh(1): When forwarding X11 connections with | 67 | - CVE-2015-5352: ssh(1): When forwarding X11 connections with |
68 | ForwardX11Trusted=no, connections made after ForwardX11Timeout expired | 68 | ForwardX11Trusted=no, connections made after ForwardX11Timeout expired |
69 | could be permitted and no longer subject to XSECURITY restrictions | 69 | could be permitted and no longer subject to XSECURITY restrictions |
70 | because of an ineffective timeout check in ssh(1) coupled with "fail | 70 | because of an ineffective timeout check in ssh(1) coupled with "fail |
71 | open" behaviour in the X11 server when clients attempted connections | 71 | open" behaviour in the X11 server when clients attempted connections |
72 | with expired credentials. This problem was reported by Jann Horn. | 72 | with expired credentials (closes: #790798). This problem was reported |
73 | by Jann Horn. | ||
73 | - SECURITY: ssh-agent(1): Fix weakness of agent locking (ssh-add -x) to | 74 | - SECURITY: ssh-agent(1): Fix weakness of agent locking (ssh-add -x) to |
74 | password guessing by implementing an increasing failure delay, storing | 75 | password guessing by implementing an increasing failure delay, storing |
75 | a salted hash of the password rather than the password itself and | 76 | a salted hash of the password rather than the password itself and |