[ubuntu/trusty-updates] openssh 1:6.6p1-2ubuntu2.2 (Accepted)

Ubuntu Archive Robot cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Fri Aug 14 15:58:12 UTC 2015


openssh (1:6.6p1-2ubuntu2.2) trusty-security; urgency=medium

  * SECURITY UPDATE: possible user impersonation via PAM support
    - debian/patches/pam-security-1.patch: don't resend username to PAM in
      monitor.c, monitor_wrap.c.
    - CVE number pending
  * SECURITY UPDATE: use-after-free in PAM support
    - debian/patches/pam-security-2.patch: fix use after free in monitor.c.
    - CVE number pending
  * SECURITY UPDATE: 
    - debian/patches/CVE-2015-5600.patch: only query each
      keyboard-interactive device once per authentication request in
      auth2-chall.c.
    - CVE-2015-5600
  * SECURITY UPDATE: X connections access restriction bypass
    - debian/patches/CVE-2015-5352.patch: refuse ForwardX11Trusted=no
      connections attempted after ForwardX11Timeout expires in channels.c,
      channels.h, clientloop.c.
    - CVE-2015-5352

Date: 2015-08-14 13:24:11.785644+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/openssh/1:6.6p1-2ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list