version 1.4, 2000/11/10 21:24:15 |
version 1.5, 2000/11/10 21:43:35 |
|
|
<li><h3><font color=#e00000>All architectures</font></h3> |
<li><h3><font color=#e00000>All architectures</font></h3> |
<ul> |
<ul> |
<a name=sshforwarding> </a> |
<a name=sshforwarding> </a> |
<li><font color=#009000><strong>036: SECURITY FIX: Nov 10, 2000</strong></font><br> |
<li><font color=#009000><strong>035: SECURITY FIX: Nov 10, 2000</strong></font><br> |
Hostile servers can force OpenSSH clients to do agent or X11 forwarding. |
Hostile servers can force OpenSSH clients to do agent or X11 forwarding. |
This problem is fixed as of OpenSSH 2.3.0.<br> |
This problem is fixed as of OpenSSH 2.3.0.<br> |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/036_sshforwarding.patch> |
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/035_sshforwarding.patch> |
A source code patch exists which remedies this problem.</a> |
|
<p> |
|
<a name=sshskey> </a> |
|
<li><font color=#009000><strong>035: IMPLEMENTATION FIX: Nov 10, 2000</strong></font><br> |
|
In ssh(1), skey support for SSH1 protocol was broken. Some people might consider |
|
that kind of important.<br> |
|
<a href=ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.7/common/035_sshskey.patch> |
|
A source code patch exists which remedies this problem.</a> |
A source code patch exists which remedies this problem.</a> |
<p> |
<p> |
<a name=execsubr> </a> |
<a name=execsubr> </a> |