sledp1-opensshSecurity update for OpenSSHSecurity update for OpenSSHThis update fixes a bug in ssh's cookie handling code. It
does not properly handle the situation when an untrusted
cookie cannot be created and uses a trusted X11 cookie
instead. This allows attackers to violate the intended
policy and gain privileges by causing an X client to be
treated as trusted. (CVE-2007-4752) Additionally this
update fixes a bug introduced with the last security update
for openssh. When the SSH daemon wrote to stderr (for
instance, to warn about the presence of a deprecated option
like PAMAuthenticationViaKbdInt in its configuration file),
SIGALRM was blocked for SSH sessions. This resulted in
problems with processes which rely on SIGALRM, such as
ntpdate.
This update fixes a bug in ssh's cookie handling code. It
does not properly handle the situation when an untrusted
cookie cannot be created and uses a trusted X11 cookie
instead. This allows attackers to violate the intended
policy and gain privileges by causing an X client to be
treated as trusted. (CVE-2007-4752) Additionally this
update fixes a bug introduced with the last security update
for openssh. When the SSH daemon wrote to stderr (for
instance, to warn about the presence of a deprecated option
like PAMAuthenticationViaKbdInt in its configuration file),
SIGALRM was blocked for SSH sessions. This resulted in
problems with processes which rely on SIGALRM, such as
ntpdate.
securityopensshi586eaf8b0fedfd4d56c5739407d6d69cfed0afa4803openssh-askpassi5869e690d673f077de9f518b4c3b84eb2d0fa9a14dd