| commit | 20a687ecf7164743c5436281e1e16ddd591026ba | |
| author | Peter Avalos <pavalos@dragonflybsd.org> | |
| Sat, 19 Apr 2008 15:02:20 +0000 (19 15:02 +0000) | ||
| committer | Peter Avalos <pavalos@dragonflybsd.org> | |
| Sat, 19 Apr 2008 15:02:20 +0000 (19 15:02 +0000) | ||
| tree | 803c1813f84c09df45eaab9e5663c9f1bf569668 | treesnapshot (tar.gz zip) |
| parent | 7ac721d5f2664a078537708e796c00e509dfe878 | commitdiff |
Fix for CVE-2008-1657:
"OpenSSH before 4.9 allows remote authenticated users to bypass the
sshd_config ForceCommand directive by modifying the .ssh/rc session file."
Obtained-from: OpenBSD
"OpenSSH before 4.9 allows remote authenticated users to bypass the
sshd_config ForceCommand directive by modifying the .ssh/rc session file."
Obtained-from: OpenBSD
| crypto/openssh-4/session.c | diffblobblamehistory |