On 9/30/06 1:24 PM, FreeBSD Security Advisories wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-06:22.openssh Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities in OpenSSH
Category: contrib
Module: openssh
Announced: 2006-09-30
Credits: Tavis Ormandy, Mark Dowd
Affects: All FreeBSD releases.
Corrected: 2006-09-30 19:50:57 UTC (RELENG_6, 6.2-PRERELEASE)
2006-09-30 19:51:56 UTC (RELENG_6_1, 6.1-RELEASE-p10)
2006-09-30 19:53:21 UTC (RELENG_6_0, 6.0-RELEASE-p15)
2006-09-30 19:54:03 UTC (RELENG_5, 5.5-STABLE)
2006-09-30 19:54:58 UTC (RELENG_5_5, 5.5-RELEASE-p8)
2006-09-30 19:55:52 UTC (RELENG_5_4, 5.4-RELEASE-p22)
2006-09-30 19:56:38 UTC (RELENG_5_3, 5.3-RELEASE-p37)
2006-09-30 19:57:15 UTC (RELENG_4, 4.11-STABLE)
2006-09-30 19:58:07 UTC (RELENG_4_11, 4.11-RELEASE-p25)
CVE Name: CVE-2006-4924, CVE-2006-5051
For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.
I. Background
OpenSSH is an implementation of the SSH protocol suite, providing an
encrypted, authenticated transport for a variety of services,
including remote shell access.
>snip<
BTW, the patches for this advisory appear to also need a patch to add log.c
into src/secure/usr.sbin/sshd/Makefile.
Mark
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
