diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2015-08-26 11:28:34 +0200 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2015-08-26 11:28:34 +0200 |
| commit | 26c30cf5be4151eee04678ad118d056de0601833 (patch) | |
| tree | 15197d4f861c9056c026546a41d12ed33a16df75 /main/perl-compress-raw-zlib | |
| parent | fd2d5633fcea1fb35f3b67dfe1c51aebcac3696f (diff) | |
| download | aports-26c30cf5be4151eee04678ad118d056de0601833.tar.bz2 aports-26c30cf5be4151eee04678ad118d056de0601833.tar.xz | |
main/openssh: security fixes from upstream
ref #4578
CVE-2015-6563:
sshd(8): Portable OpenSSH only: Fixed a privilege separation
weakness related to PAM support. Attackers who could successfully
compromise the pre-authentication process for remote code
execution and who had valid credentials on the host could
impersonate other users. Reported by Moritz Jodeit.
CVE-2015-6564:
sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to
PAM support that was reachable by attackers who could compromise the
pre-authentication process for remote code execution. Also reported by
Moritz Jodeit.
CVE-2015-6565:
sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world-
writable. Local attackers may be able to write arbitrary messages
to logged-in users, including terminal escape sequences.
Reported by Nikolay Edigaryev.
Diffstat (limited to 'main/perl-compress-raw-zlib')
0 files changed, 0 insertions, 0 deletions