[openssh-commits] [openssh] branch master updated (5f41f03 -> 3b54a8f)
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed Apr 13 10:44:26 AEST 2016
This is an automated email from the git hooks/post-receive script.
djm pushed a change to branch master
in repository openssh.
from 5f41f03 Remove NO_IPPORT_RESERVED_CONCEPT
new dce19bf upstream commit
new 3b54a8f ignore PAM environment vars when UseLogin=yes
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
Detailed log of new commits:
commit 3b54a8fe53711c494286c073bc033f98edeaddc4
Author: Damien Miller <djm at mindrot.org>
Date: Wed Apr 13 10:39:57 2016 +1000
ignore PAM environment vars when UseLogin=yes
If PAM is configured to read user-specified environment variables
and UseLogin=yes in sshd_config, then a hostile local user may
attack /bin/login via LD_PRELOAD or similar environment variables
set via PAM.
CVE-2015-8325, found by Shayan S, via Colin Watson
commit dce19bf6e4a2a3d0b13a81224de63fc316461ab9
Author: djm at openbsd.org <djm at openbsd.org>
Date: Sat Apr 9 12:39:30 2016 +0000
upstream commit
make private key loading functions consistently handle NULL
key pointer arguments; ok markus@
Upstream-ID: 92038726ef4a338169c35dacc9c5a07fcc7fa761
Summary of changes:
authfile.c | 34 ++++++++++++++++++++++------------
session.c | 2 +-
sshkey.c | 40 ++++++++++++++++++++++++----------------
3 files changed, 47 insertions(+), 29 deletions(-)
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list