Module Name: src Committed By: snj Date: Tue May 17 18:50:35 UTC 2016
Modified Files: src/crypto/external/bsd/openssh/dist [netbsd-7]: session.c Log Message: Pull up following revision(s) (requested by christos in ticket #1168): crypto/external/bsd/openssh/dist/session.c: revision 1.19 If PAM is configured to read user-specified environment variables and UseLogin=yes in sshd_config, then a hostile local user may attack /bin/login via LD_PRELOAD or similar environment variables set via PAM. CVE-2015-8325, found by Shayan Sadigh, via Colin Watson https://anongit.mindrot.org/openssh.git/commit/?id=85bdcd7c92fe7ff133bbc4e10a65c91810f88755 XXX: pullup-7 To generate a diff of this commit: cvs rdiff -u -r1.12.4.1 -r1.12.4.2 \ src/crypto/external/bsd/openssh/dist/session.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.