Hello,
I was curious what the status of a fix for the etch version of the bug
would be:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011
ssh: unprivileged users may hijack forwarded X connections by listening on port
6010
Severity: grave; Tags: security, upstream;
Found in versions openssh/1:4.3p2-9, 4.7p1-2;
Fixed in version openssh/1:4.7p1-5 by Colin Watson <[EMAIL PROTECTED]>;
It looks like it hs been handled for testing/unstable but its unclear if
this fix has been applied to version currently in etch (OpenSSH_4.3p2
Debian-9) and the security repository.
Does anyone know if this has been addressed? Are there any plans to do
so?
Thanks!
--
David Ehle
Computing Systems Manager
CAPP CSRRI
rm 077
LS Bld. IIT Main Campus
Chicago IL 60616
[EMAIL PROTECTED]
312-567-3751
He who fights with monsters must take care lest he thereby become a
monster. And if you gaze for long into an abyss, the abyss gazes also into
you.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
