On 9/30/06 1:24 PM, FreeBSD Security Advisories wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
============================================================
=================
> FreeBSD-SA-06:22.openssh
Security Advisory
>
The FreeBSD Project
>
> Topic: Multiple vulnerabilities in OpenSSH
>
> Category: contrib
> Module: openssh
> Announced: 2006-09-30
> Credits: Tavis Ormandy, Mark Dowd
> Affects: All FreeBSD releases.
> Corrected: 2006-09-30 19:50:57 UTC (RELENG_6,
6.2-PRERELEASE)
> 2006-09-30 19:51:56 UTC (RELENG_6_1,
6.1-RELEASE-p10)
> 2006-09-30 19:53:21 UTC (RELENG_6_0,
6.0-RELEASE-p15)
> 2006-09-30 19:54:03 UTC (RELENG_5,
5.5-STABLE)
> 2006-09-30 19:54:58 UTC (RELENG_5_5,
5.5-RELEASE-p8)
> 2006-09-30 19:55:52 UTC (RELENG_5_4,
5.4-RELEASE-p22)
> 2006-09-30 19:56:38 UTC (RELENG_5_3,
5.3-RELEASE-p37)
> 2006-09-30 19:57:15 UTC (RELENG_4,
4.11-STABLE)
> 2006-09-30 19:58:07 UTC (RELENG_4_11,
4.11-RELEASE-p25)
> CVE Name: CVE-2006-4924, CVE-2006-5051
>
> For general information regarding FreeBSD Security
Advisories,
> including descriptions of the fields above, security
branches, and the
> following sections, please visit <URL:http://security.Fre
eBSD.org/>.
>
> I. Background
>
> OpenSSH is an implementation of the SSH protocol suite,
providing an
> encrypted, authenticated transport for a variety of
services,
> including remote shell access.
>snip<
BTW, the patches for this advisory appear to also need a
patch to add log.c
into src/secure/usr.sbin/sshd/Makefile.
Mark
_______________________________________________
freebsd-security freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-secu
rity
To unsubscribe, send any mail to
"freebsd-security-unsubscribefreebsd.org"
|