cvs commit: src/crypto/openssh session.c

2001. Dec. 3., H, 23:00:39 CET

Hali!

Gyorsan es roviden: Ha valaki az sshd konfigban UseLogin-t "yes"-re
allitott (es FreeBSD-t hasznal), akkor azonnal frissitsen ! Tartsatok
nyitva a szemeteket mert par nap mulva security advisory is lesz ebbol.
Potencialis root exploit. 

(OpenBSD regebbi verzioi is szivnak valoszinuleg. 3.0-t nem tudom.)

Udv:
Sz.
----- Forwarded message from Jacques Vidrine <nectar at FreeBSD.org> -----

Date: Sun, 02 Dec 2001 16:51:47 -0800 (PST)
From: Jacques Vidrine <nectar at FreeBSD.org>
Subject: cvs commit: src/crypto/openssh session.c
Sender: owner-cvs-all at FreeBSD.ORG
To: cvs-committers at FreeBSD.org, cvs-all at FreeBSD.org

nectar      2001/12/02 16:51:47 PST

  Modified files:
    crypto/openssh       session.c 
  Log:
  Do not pass user-defined environmental variables to /usr/bin/login.

  Obtained from:  OpenBSD
  Approved by:    green

  Revision  Changes    Path
  1.18      +2 -0      src/crypto/openssh/session.c

To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe cvs-all" in the body of the message

----- End forwarded message -----

-- 
-------------------------------------------------------------------------------
* Adam Szilveszter * Szombathely * email: adamsziszi at vnet.hu *
* Honlap : alakul * alternativ email: sziszi at bsd.hu *
* PGP: szinten kesobb *
* FreeBSD: tisztabb, szarazabb, biztonsagosabb erzes...! *            