Re: Announce: OpenSSH 7.0 released

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 8/11/2015 5:53 AM, Damien Miller wrote:
>  * sshd(8): Portable OpenSSH only: Fixed a privilege separation
>    weakness related to PAM support. Attackers who could successfully
>    compromise the pre-authentication process for remote code
>    execution and who had valid credentials on the host could
>    impersonate other users.  Reported by Moritz Jodeit.
> 
>  * sshd(8): Portable OpenSSH only: Fixed a use-after-free bug
>    related to PAM support that was reachable by attackers who could
>    compromise the pre-authentication process for remote code
>    execution. Also reported by Moritz Jodeit.

Which versions did these first exist in?

-- 
Regards,
Bryan Drewery

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux