[openssh-commits] [openssh] branch master updated (3b54a8f -> 85bdcd7)

git+noreply at mindrot.org git+noreply at mindrot.org
Wed Apr 13 10:45:12 AEST 2016


This is an automated email from the git hooks/post-receive script.

djm pushed a change to branch master
in repository openssh.

     omits  3b54a8f   ignore PAM environment vars when UseLogin=yes
       new  85bdcd7   ignore PAM environment vars when UseLogin=yes

This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version.  This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:

 * -- * -- B -- O -- O -- O   (3b54a8f)
            \
             N -- N -- N   refs/heads/master (85bdcd7)

You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.

Any revisions marked "omits" are not gone; other references still
refer to them.  Any revisions marked "discards" are gone forever.

The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


Detailed log of new commits:

commit 85bdcd7c92fe7ff133bbc4e10a65c91810f88755
Author: Damien Miller <djm at mindrot.org>
Date:   Wed Apr 13 10:39:57 2016 +1000

    ignore PAM environment vars when UseLogin=yes
    
    If PAM is configured to read user-specified environment variables
    and UseLogin=yes in sshd_config, then a hostile local user may
    attack /bin/login via LD_PRELOAD or similar environment variables
    set via PAM.
    
    CVE-2015-8325, found by Shayan Sadigh, via Colin Watson

Summary of changes:

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list