openssh 1:7.1p2-1 source package in Debian
Changelog
openssh (1:7.1p2-1) unstable; urgency=high
* New upstream release (http://www.openssh.com/txt/release-7.1p2):
- CVE-2016-0777, CVE-2016-0778: Disable experimental client-side support
for roaming, which could be tricked by a malicious server into leaking
client memory to the server, including private client user keys; this
information leak is restricted to connections to malicious or
compromised servers (closes: #810984).
- SECURITY: Fix an out of-bound read access in the packet handling code.
Reported by Ben Hawkes.
- Further use of explicit_bzero has been added in various buffer
handling code paths to guard against compilers aggressively doing
dead-store removal.
-- Colin Watson <email address hidden> Thu, 14 Jan 2016 15:28:03 +0000
Upload details
- Uploaded by:
- Debian OpenSSH Maintainers
- Uploaded to:
- Sid
- Original maintainer:
- Debian OpenSSH Maintainers
- Architectures:
- any all
- Section:
- net
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| openssh_7.1p2-1.dsc | 2.8 KiB | a1f6b01e2229f167f35e5f5378181f3d931196919efa1a8c379709686c79a639 |
| openssh_7.1p2.orig.tar.gz | 1.4 MiB | dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbd |
| openssh_7.1p2-1.debian.tar.xz | 145.1 KiB | 349d952bd32dbce1191deb3cd79b37d5380610766a3b047eb2f295f228ce8b50 |
Available diffs
- diff from 1:7.1p1-6 to 1:7.1p2-1 (28.3 KiB)
No changes file available.
