summaryrefslogtreecommitdiff
path: root/debian
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2008-04-01 13:13:10 +0000
committerColin Watson <cjwatson@debian.org>2008-04-01 13:13:10 +0000
commitc4858635c52e0af551ff5d603ee83ea9dd50e493 (patch)
tree951009d9d2a3de6f12f9702329b2e1fe64fc34ff /debian
parent15afba59bef080d540f986583afaec22d2ea3956 (diff)
Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5.
- CVE-2008-1483: Don't use X11 forwarding port which can't be bound on all address families, preventing hijacking of X11 forwarding by
Diffstat (limited to 'debian')
-rw-r--r--debian/changelog10
1 files changed, 8 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog
index 2836a2902..c46405b33 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
1openssh (1:4.7p1-8) UNRELEASED; urgency=low
2
3 * Fill in CVE identifier for security vulnerability fixed in 1:4.7p1-5.
4
5 -- Colin Watson <cjwatson@debian.org> Tue, 01 Apr 2008 14:12:43 +0100
6
1openssh (1:4.7p1-7) unstable; urgency=low 7openssh (1:4.7p1-7) unstable; urgency=low
2 8
3 * Ignore errors writing to oom_adj (closes: #473573). 9 * Ignore errors writing to oom_adj (closes: #473573).
@@ -17,8 +23,8 @@ openssh (1:4.7p1-5) unstable; urgency=low
17 * Document in ssh(1) that '-S none' disables connection sharing 23 * Document in ssh(1) that '-S none' disables connection sharing
18 (closes: #471437). 24 (closes: #471437).
19 * Patch from Red Hat / Fedora: 25 * Patch from Red Hat / Fedora:
20 - SECURITY: Don't use X11 forwarding port which can't be bound on all 26 - CVE-2008-1483: Don't use X11 forwarding port which can't be bound on
21 address families, preventing hijacking of X11 forwarding by 27 all address families, preventing hijacking of X11 forwarding by
22 unprivileged users when both IPv4 and IPv6 are configured (closes: 28 unprivileged users when both IPv4 and IPv6 are configured (closes:
23 #463011). 29 #463011).
24 * Use printf rather than echo -en (a bashism) in openssh-server.config and 30 * Use printf rather than echo -en (a bashism) in openssh-server.config and