openssh 1:4.1p1-7ubuntu4.2 source package in Ubuntu
Changelog
openssh (1:4.1p1-7ubuntu4.2) breezy-security; urgency=low * SECURITY UPDATE: Remote DoS. * CVE-2006-4924: Fix a pre-authentication denial of service found by Tavis Ormandy, that would cause sshd(8) to spin until the login grace time expired. Upstream fixes: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.c.diff?r1=1.29&r2=1.30&sortby=date&f=h http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.143&r2=1.144&sortby=date&f=h http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/deattack.h.diff?r1=1.9&r2=1.10&sortby=date&f=h * Fix an unsafe signal hander reported by Mark Dowd. The signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. [CVE-2006-5051] On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote. [CVE-2006-5052] * Above patches taken from Debian's 4.3p2-4 version, thanks to Colin Watson for backporting them from 4.4p1. -- Martin Pitt <email address hidden> Mon, 2 Oct 2006 10:07:27 +0000
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Breezy
- Original maintainer:
- Matthew Vernon
- Architectures:
- any
- Section:
- net
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
openssh_4.1p1.orig.tar.gz | 888.4 KiB | 26fa45799fb323028fba99a8289bea03e922a99a8fedd587f3dc67eb41935f0e |
openssh_4.1p1-7ubuntu4.2.diff.gz | 154.9 KiB | ce882f7d80046f7be32cdaeb994ed5c106704f3f4453ff4c19bdb28ced6b2023 |
openssh_4.1p1-7ubuntu4.2.dsc | 971 bytes | 5a444db0c3c629404c7babca56f26a69b4352c4aa32e2959705f8d8801e28421 |
Binary packages built by this source
- openssh-client: No summary available for openssh-client in ubuntu breezy.
No description available for openssh-client in ubuntu breezy.
- openssh-client-udeb: No summary available for openssh-client-udeb in ubuntu breezy.
No description available for openssh-client-udeb in ubuntu breezy.
- openssh-server: No summary available for openssh-server in ubuntu breezy.
No description available for openssh-server in ubuntu breezy.
- openssh-server-udeb: No summary available for openssh-server-udeb in ubuntu breezy.
No description available for openssh-server-udeb in ubuntu breezy.
- ssh: No summary available for ssh in ubuntu breezy.
No description available for ssh in ubuntu breezy.
- ssh-askpass-gnome: No summary available for ssh-askpass-gnome in ubuntu breezy.
No description available for ssh-askpass-gnome in ubuntu breezy.