[Bug 1244736] Re: upstart configuration for user launches an extra ssh-agent

Launchpad Bug Tracker Sat, 29 Mar 2014 23:06:08 -0700

This bug was fixed in the package openssh - 1:6.6p1-1

---------------
openssh (1:6.6p1-1) unstable; urgency=medium



  [ Colin Watson ]
  * Apply various warning-suppression and regression-test fixes to
    gssapi.patch from Damien Miller.
  * New upstream release (http://www.openssh.com/txt/release-6.6,
    LP: #1298280):
    - CVE-2014-2532: sshd(8): when using environment passing with an
      sshd_config(5) AcceptEnv pattern with a wildcard, OpenSSH prior to 6.6
      could be tricked into accepting any environment variable that contains
      the characters before the wildcard character.
  * Re-enable btmp logging, as its permissions were fixed a long time ago in
    response to #370050 (closes: #341883).
  * Change to "PermitRootLogin without-password" for new installations, and
    ask a debconf question when upgrading systems with "PermitRootLogin yes"
    from previous versions (closes: #298138).
  * Debconf translations:
    - Danish (thanks, Joe Hansen).
    - Portuguese (thanks, Américo Monteiro).
    - Russian (thanks, Yuri Kozlov; closes: #742308).
    - Swedish (thanks, Andreas Rönnquist).
    - Japanese (thanks, victory).
    - German (thanks, Stephan Beck; closes: #742541).
    - Italian (thanks, Beatrice Torracca).
  * Don't start ssh-agent from the Upstart user session job if something
    like Xsession has already done so (based on work by Bruno Vasselle;
    LP: #1244736).

  [ Matthew Vernon ]
  * CVE-2014-2653: Fix failure to check SSHFP records if server presents a
    certificate (bug reported by me, patch by upstream's Damien Miller;
    thanks also to Mark Wooding for his help in fixing this) (Closes:
    #742513)

 -- Colin Watson <cjwat...@debian.org>  Fri, 28 Mar 2014 18:04:41 +0000

** Changed in: openssh (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2532

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-2653

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1244736

Title:
  upstart configuration for user launches an extra ssh-agent

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnome-session/+bug/1244736/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1244736] Re: upstart configuration for user launches an extra ssh-agent

Reply via email to