author | Colin Watson <cjwatson@debian.org> | 2015-08-19 18:34:29 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2015-08-19 18:37:32 +0100 |
commit | d2d9171e73cd2db10fabf9dd4924d3dcd5f13c7a (patch) | |
tree | deedfca8dcc980d858d5caacbde773e44a081bc2 /debian/changelog | |
parent | a608a63196dbda54e9bdd656baa253c56e76bace (diff) | |
parent | c0ec3def4bec4afe1cad9e99081e658200b13a02 (diff) |
Backport PAM security fixes.
- sshd(8): Fixed a privilege separation weakness related to PAM support.
Attackers who could successfully compromise the pre-authentication
process for remote code execution and who had valid credentials on the
host could impersonate other users. Reported by Moritz Jodeit.
- sshd(8): Fixed a use-after-free bug related to PAM support that was
reachable by attackers who could compromise the pre-authentication
process for remote code execution (closes: #795711). Also reported by
Moritz Jodeit.
Diffstat (limited to 'debian/changelog')
-rw-r--r-- | debian/changelog | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 6c851b644..8e8e9d778 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -136,6 +136,14 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium | |||
136 | world-writable. Local attackers may be able to write arbitrary | 136 | world-writable. Local attackers may be able to write arbitrary |
137 | messages to logged-in users, including terminal escape sequences. | 137 | messages to logged-in users, including terminal escape sequences. |
138 | Reported by Nikolay Edigaryev. | 138 | Reported by Nikolay Edigaryev. |
139 | - sshd(8): Fixed a privilege separation weakness related to PAM support. | ||
140 | Attackers who could successfully compromise the pre-authentication | ||
141 | process for remote code execution and who had valid credentials on the | ||
142 | host could impersonate other users. Reported by Moritz Jodeit. | ||
143 | - sshd(8): Fixed a use-after-free bug related to PAM support that was | ||
144 | reachable by attackers who could compromise the pre-authentication | ||
145 | process for remote code execution (closes: #795711). Also reported by | ||
146 | Moritz Jodeit. | ||
139 | * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the | 147 | * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the |
140 | GSSAPI key exchange patch. | 148 | GSSAPI key exchange patch. |
141 | 149 | ||
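Review bot: The first new entry (new lines 139-142, the privilege separation weakness) carries no bug or advisory reference, while the second closes #795711 at new line 145. If a Debian bug or CVE identifier exists for the impersonation issue, cite it in that entry so the security tracker and anyone auditing the package can match the fix to the report; the same applies to a CVE identifier for the use-after-free entry. The hunk header also shows this upload still at urgency=medium; with a fix for user impersonation now included, it is worth confirming that urgency is intended before the entry leaves UNRELEASED.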