Backport PAM security fixes.

- sshd(8): Fixed a privilege separation weakness related to PAM support. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users. Reported by Moritz Jodeit. - sshd(8): Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution (closes: #795711). Also reported by Moritz Jodeit.
author: Colin Watson <cjwatson@debian.org> 2015-08-19 18:34:29 +0100
committer: Colin Watson <cjwatson@debian.org> 2015-08-19 18:37:32 +0100
commit: d2d9171e73cd2db10fabf9dd4924d3dcd5f13c7a (patch)
tree: deedfca8dcc980d858d5caacbde773e44a081bc2 /debian/changelog
parent: a608a63196dbda54e9bdd656baa253c56e76bace (diff)
parent: c0ec3def4bec4afe1cad9e99081e658200b13a02 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 6c851b644..8e8e9d778 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -136,6 +136,14 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium
      world-writable.  Local attackers may be able to write arbitrary
      messages to logged-in users, including terminal escape sequences.
      Reported by Nikolay Edigaryev.
+    - sshd(8): Fixed a privilege separation weakness related to PAM support.
+      Attackers who could successfully compromise the pre-authentication
+      process for remote code execution and who had valid credentials on the
+      host could impersonate other users.  Reported by Moritz Jodeit.
+    - sshd(8): Fixed a use-after-free bug related to PAM support that was
+      reachable by attackers who could compromise the pre-authentication
+      process for remote code execution (closes: #795711).  Also reported by
+      Moritz Jodeit.
  * Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the
    GSSAPI key exchange patch.
author	Colin Watson <cjwatson@debian.org>	2015-08-19 18:34:29 +0100
committer	Colin Watson <cjwatson@debian.org>	2015-08-19 18:37:32 +0100
commit	d2d9171e73cd2db10fabf9dd4924d3dcd5f13c7a (patch)
tree	deedfca8dcc980d858d5caacbde773e44a081bc2 /debian/changelog
parent	a608a63196dbda54e9bdd656baa253c56e76bace (diff)
parent	c0ec3def4bec4afe1cad9e99081e658200b13a02 (diff)

diff --git a/debian/changelog b/debian/changelog index 6c851b644..8e8e9d778 100644 --- a/debian/changelog +++ b/debian/changelog
@@ -136,6 +136,14 @@ openssh (1:6.9p1-1) UNRELEASED; urgency=medium
136	world-writable. Local attackers may be able to write arbitrary	136	world-writable. Local attackers may be able to write arbitrary
137	messages to logged-in users, including terminal escape sequences.	137	messages to logged-in users, including terminal escape sequences.
138	Reported by Nikolay Edigaryev.	138	Reported by Nikolay Edigaryev.
		139	- sshd(8): Fixed a privilege separation weakness related to PAM support.
		140	Attackers who could successfully compromise the pre-authentication
		141	process for remote code execution and who had valid credentials on the
		142	host could impersonate other users. Reported by Moritz Jodeit.
		143	- sshd(8): Fixed a use-after-free bug related to PAM support that was
		144	reachable by attackers who could compromise the pre-authentication
		145	process for remote code execution (closes: #795711). Also reported by
		146	Moritz Jodeit.
139	* Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the	147	* Thanks to Jakub Jelen of Red Hat for Fedora's rebased version of the
140	GSSAPI key exchange patch.	148	GSSAPI key exchange patch.
141		149