Source: openssh
Severity: important
Tags: security

Hi Colin,

CVE-2015-5352 was assigned to this change from 6.9:

> * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no,
>   connections made after ForwardX11Timeout expired could be permitted
>   and no longer subject to XSECURITY restrictions because of an
>   ineffective timeout check in ssh(1) coupled with "fail open"
>   behaviour in the X11 server when clients attempted connections with
>   expired credentials. This problem was reported by Jann Horn.

Fix:
https://anongit.mindrot.org/openssh.git/commit/?h=V_6_9&id=1bf477d3cdf1a864646d59820878783d42357a1d

I don't think this warrants a DSA, we can line up the fix for a future DSA
or a jessie point update. Or do you disagree?

Cheers,
Moritz
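As an added example (not part of the original message and not OpenSSH or Debian code), a triage check for a client configuration: it resolves the effective X11 options for one host and reports whether that host uses untrusted forwarding on a client older than 6.9. The sample config, the banner strings and all function names are constructed for illustration; `Match` blocks and negated `Host` patterns are not evaluated, and upstream defaults are assumed where the config is silent.

```python
import fnmatch
import re

FIXED_IN = (6, 9)  # release the message names as carrying the fix
# Upstream defaults when the config sets nothing (assumption: no distro override).
DEFAULTS = {"forwardx11": "no", "forwardx11trusted": "no"}

# Constructed sample ssh_config, not taken from the original message.
SAMPLE_CONFIG = """\
Host build
    ForwardX11 yes
    ForwardX11Trusted no
    ForwardX11Timeout 10m
# hosts below inherit the trusted setting from the wildcard block
Host legacy
    ForwardX11 yes
Host *
    ForwardX11Trusted yes
"""

def parse_version(banner):
    """Return (major, minor) from 'ssh -V' style text such as 'OpenSSH_6.7p1'."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)", banner)
    if m is None:
        raise ValueError("no OpenSSH version found")
    return int(m.group(1)), int(m.group(2))

def effective_options(config_text, host):
    """Resolve options for host; the first value obtained for a keyword wins."""
    opts, active = {}, True  # lines before any Host block apply to every host
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, value = (re.split(r"\s*=\s*|\s+", line, maxsplit=1) + [""])[:2]
        key = key.lower()
        if key == "host":
            active = any(fnmatch.fnmatch(host, p) for p in value.split())
        elif key == "match":
            active = False  # Match blocks are skipped in this example
        elif active:
            opts.setdefault(key, value)
    return {**DEFAULTS, **opts}

def relies_on_x11_timeout(config_text, host, ssh_banner):
    """True if host uses untrusted X11 forwarding on a client older than 6.9."""
    o = effective_options(config_text, host)
    untrusted = o["forwardx11"].lower() == "yes" and o["forwardx11trusted"].lower() == "no"
    return untrusted and parse_version(ssh_banner) < FIXED_IN
```

A distribution can ship the fix under an older version number, so the version comparison is a first pass and the package changelog remains the authority.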

