diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2015-08-26 11:28:34 +0200 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-08-26 11:28:34 +0200 |
commit | 26c30cf5be4151eee04678ad118d056de0601833 (patch) | |
tree | 15197d4f861c9056c026546a41d12ed33a16df75 /main/bam | |
parent | fd2d5633fcea1fb35f3b67dfe1c51aebcac3696f (diff) | |
download | aports-26c30cf5be4151eee04678ad118d056de0601833.tar.bz2 aports-26c30cf5be4151eee04678ad118d056de0601833.tar.xz |
main/openssh: security fixes from upstream
ref #4578
CVE-2015-6563:
sshd(8): Portable OpenSSH only: Fixed a privilege separation
weakness related to PAM support. Attackers who could successfully
compromise the pre-authentication process for remote code
execution and who had valid credentials on the host could
impersonate other users. Reported by Moritz Jodeit.
CVE-2015-6564:
sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to
PAM support that was reachable by attackers who could compromise the
pre-authentication process for remote code execution. Also reported by
Moritz Jodeit.
CVE-2015-6565:
sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-
writable. Local attackers may be able to write arbitrary messages
to logged-in users, including terminal escape sequences.
Reported by Nikolay Edigaryev.
Diffstat (limited to 'main/bam')
0 files changed, 0 insertions, 0 deletions