openssh 1:7.1p2-1 source package in Debian

Changelog

openssh (1:7.1p2-1) unstable; urgency=high

  * New upstream release (http://www.openssh.com/txt/release-7.1p2):
    - CVE-2016-0777, CVE-2016-0778: Disable experimental client-side support
      for roaming, which could be tricked by a malicious server into leaking
      client memory to the server, including private client user keys; this
      information leak is restricted to connections to malicious or
      compromised servers (closes: #810984).
    - SECURITY: Fix an out of-bound read access in the packet handling code.
      Reported by Ben Hawkes.
    - Further use of explicit_bzero has been added in various buffer
      handling code paths to guard against compilers aggressively doing
      dead-store removal.

 -- Colin Watson <email address hidden>  Thu, 14 Jan 2016 15:28:03 +0000

Upload details

Uploaded by:
Debian OpenSSH Maintainers
Uploaded to:
Sid
Original maintainer:
Debian OpenSSH Maintainers
Architectures:
any all
Section:
net
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
openssh_7.1p2-1.dsc 2.8 KiB a1f6b01e2229f167f35e5f5378181f3d931196919efa1a8c379709686c79a639
openssh_7.1p2.orig.tar.gz 1.4 MiB dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd
openssh_7.1p2-1.debian.tar.xz 145.1 KiB 349d952bd32dbce1191deb3cd79b37d5380610766a3b047eb2f295f228ce8b50

Available diffs

No changes file available.

Binary packages built by this source