void-packages/srcpkgs/openssh at 98fa992850150b2ba99e4aeaabeb8190d9c4d3b2 - jcgruenhage/void-packages - forgejo

jcgruenhage/void-packages

History

Christian Neukirchen 0ea48ddd5e openssh: security fix for CVE-2015-8325. > Subject: ignore PAM environment vars when UseLogin=yes > > If PAM is configured to read user-specified environment variables > and UseLogin=yes in sshd_config, then a hostile local user may > attack /bin/login via LD_PRELOAD or similar environment variables > set via PAM. > > CVE-2015-8325, found by Shayan Sadigh, via Colin Watson		2016-06-06 13:34:27 +02:00
..
files
patches
template