openssh-askpass: A passphrase dialog for OpenSSH and the X Window System
----------------------------------------------------------------------
File: openssh-askpass-4.2p1-18.30.ppc.rpm
Patchrpm: openssh-askpass-4.2p1-18.30.ppc.patch.rpm
Version: 4.2p1-18.30
Size: 43 kB
Patchsize: 37 kB
Date: Thu 18 Oct 2007 8:28:30 CEST
Source: openssh-4.2p1-18.30.src.rpm
Security: Yes
----------------------------------------------------------------------
Description: This update fixes a bug in ssh's cookie handling code. It does not properly handle the situation when an untrusted cookie cannot be created and uses a trusted X11 cookie instead. This allows attackers to violate the intended policy and gain privileges by causing an X client to be treated as trusted. (CVE-2007-4752)
Additionally this update fixes a bug introduced with the last security update for openssh. When the SSH daemon wrote to stderr (for  instance, to warn about the presence of a deprecated option like PAMAuthenticationViaKbdInt in its configuration file), SIGALRM was blocked for SSH sessions. This resulted in problems with processes which rely on SIGALRM, such as ntpdate.