From 1fd4eb3d0025d544928da833ad1d171bbc785149 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sat, 22 Mar 2008 12:30:42 +0000
Subject: more detail on #463011

---
 debian/changelog | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to 'debian/changelog')

diff --git a/debian/changelog b/debian/changelog
index 841ac9edd..e68474857 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,8 +4,10 @@ openssh (1:4.7p1-5) UNRELEASED; urgency=low
   * Document in ssh(1) that '-S none' disables connection sharing
     (closes: #471437).
   * Patch from Red Hat / Fedora:
-    - Don't use X11 forwarding port which can't be bound on all address
-      families (closes: #463011).
+    - SECURITY: Don't use X11 forwarding port which can't be bound on all
+      address families, preventing hijacking of X11 forwarding by
+      unprivileged users when both IPv4 and IPv6 are configured (closes:
+      #463011).
   * debconf template translations:
     - Update Finnish (thanks, Esko Arajärvi; closes: #468563).
 
-- 
cgit v1.2.3