diff options
author | Colin Watson <cjwatson@debian.org> | 2008-04-01 13:13:10 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2008-04-01 13:13:10 +0000 |
commit | c4858635c52e0af551ff5d603ee83ea9dd50e493 (patch) | |
tree | 951009d9d2a3de6f12f9702329b2e1fe64fc34ff /debian | |
parent | 15afba59bef080d540f986583afaec22d2ea3956 (diff) |
Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5.
- CVE-2008-1483: Don't use X11 forwarding port which can't be bound on
all address families, preventing hijacking of X11 forwarding by
Diffstat (limited to 'debian')
-rw-r--r-- | debian/changelog | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index 2836a2902..c46405b33 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -1,3 +1,9 @@ | |||
1 | openssh (1:4.7p1-8) UNRELEASED; urgency=low | ||
2 | |||
3 | * Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5. | ||
4 | |||
5 | -- Colin Watson <cjwatson@debian.org> Tue, 01 Apr 2008 14:12:43 +0100 | ||
6 | |||
1 | openssh (1:4.7p1-7) unstable; urgency=low | 7 | openssh (1:4.7p1-7) unstable; urgency=low |
2 | 8 | ||
3 | * Ignore errors writing to oom_adj (closes: #473573). | 9 | * Ignore errors writing to oom_adj (closes: #473573). |
@@ -17,8 +23,8 @@ openssh (1:4.7p1-5) unstable; urgency=low | |||
17 | * Document in ssh(1) that '-S none' disables connection sharing | 23 | * Document in ssh(1) that '-S none' disables connection sharing |
18 | (closes: #471437). | 24 | (closes: #471437). |
19 | * Patch from Red Hat / Fedora: | 25 | * Patch from Red Hat / Fedora: |
20 | - SECURITY: Don't use X11 forwarding port which can't be bound on all | 26 | - CVE-2008-1483: Don't use X11 forwarding port which can't be bound on |
21 | address families, preventing hijacking of X11 forwarding by | 27 | all address families, preventing hijacking of X11 forwarding by |
22 | unprivileged users when both IPv4 and IPv6 are configured (closes: | 28 | unprivileged users when both IPv4 and IPv6 are configured (closes: |
23 | #463011). | 29 | #463011). |
24 | * Use printf rather than echo -en (a bashism) in openssh-server.config and | 30 | * Use printf rather than echo -en (a bashism) in openssh-server.config and |