Date: Sun, 01 Oct 2006 15:10:50 -0700 From: Mark Peek <mp@FreeBSD.org> To: freebsd-security@freebsd.org Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-06:22.openssh Message-ID: <45203CEA.90301@FreeBSD.org> In-Reply-To: <200609302024.k8UKOjon073315@freefall.freebsd.org> References: <200609302024.k8UKOjon073315@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 9/30/06 1:24 PM, FreeBSD Security Advisories wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > ============================================================================= > FreeBSD-SA-06:22.openssh Security Advisory > The FreeBSD Project > > Topic: Multiple vulnerabilities in OpenSSH > > Category: contrib > Module: openssh > Announced: 2006-09-30 > Credits: Tavis Ormandy, Mark Dowd > Affects: All FreeBSD releases. > Corrected: 2006-09-30 19:50:57 UTC (RELENG_6, 6.2-PRERELEASE) > 2006-09-30 19:51:56 UTC (RELENG_6_1, 6.1-RELEASE-p10) > 2006-09-30 19:53:21 UTC (RELENG_6_0, 6.0-RELEASE-p15) > 2006-09-30 19:54:03 UTC (RELENG_5, 5.5-STABLE) > 2006-09-30 19:54:58 UTC (RELENG_5_5, 5.5-RELEASE-p8) > 2006-09-30 19:55:52 UTC (RELENG_5_4, 5.4-RELEASE-p22) > 2006-09-30 19:56:38 UTC (RELENG_5_3, 5.3-RELEASE-p37) > 2006-09-30 19:57:15 UTC (RELENG_4, 4.11-STABLE) > 2006-09-30 19:58:07 UTC (RELENG_4_11, 4.11-RELEASE-p25) > CVE Name: CVE-2006-4924, CVE-2006-5051 > > For general information regarding FreeBSD Security Advisories, > including descriptions of the fields above, security branches, and the > following sections, please visit <URL:http://security.FreeBSD.org/>. > > I. Background > > OpenSSH is an implementation of the SSH protocol suite, providing an > encrypted, authenticated transport for a variety of services, > including remote shell access. >snip< BTW, the patches for this advisory appear to also need a patch to add log.c into src/secure/usr.sbin/sshd/Makefile. Mark
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45203CEA.90301>