From b9438bbc073e792547318c8e343923748536529c Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Fri, 29 Sep 2006 11:36:40 +0000
Subject:   - CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd.
 The     signal handler was vulnerable to a race condition that could be    
 exploited to perform a pre-authentication denial of service. On     portable
 OpenSSH, this vulnerability could theoretically lead to    
 pre-authentication remote code execution if GSSAPI authentication is    
 enabled, but the likelihood of successful exploitation appears remote.

---
 debian/changelog | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'debian/changelog')

diff --git a/debian/changelog b/debian/changelog
index 705a61580..6007a9d7b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,12 @@ openssh (1:4.3p2-4) UNRELEASED; urgency=high
     - CVE-2006-4924: Fix a pre-authentication denial of service found by
       Tavis Ormandy, that would cause sshd(8) to spin until the login grace
       time expired (closes: #389995).
+    - CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The
+      signal handler was vulnerable to a race condition that could be
+      exploited to perform a pre-authentication denial of service. On
+      portable OpenSSH, this vulnerability could theoretically lead to
+      pre-authentication remote code execution if GSSAPI authentication is
+      enabled, but the likelihood of successful exploitation appears remote.
 
   * Read /etc/default/locale as well as /etc/environment (thanks, Raphaël
     Hertzog; closes: #369395).
-- 
cgit v1.2.3