main/openssh: security fixes from upstream

ref #4578

CVE-2015-6563:
  sshd(8): Portable OpenSSH only: Fixed a privilege separation
  weakness related to PAM support. Attackers who could successfully
  compromise the pre-authentication process for remote code
  execution and who had valid credentials on the host could
  impersonate other users.  Reported by Moritz Jodeit.

CVE-2015-6564:
  sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to
  PAM support that was reachable by attackers who could compromise the
  pre-authentication process for remote code execution. Also reported by
  Moritz Jodeit.

CVE-2015-6565:
  sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-
  writable. Local attackers may be able to write arbitrary messages
  to logged-in users, including terminal escape sequences.
  Reported by Nikolay Edigaryev.

0 files changed, 0 insertions, 0 deletions