Date: Wed, 6 Dec 2000 15:19:35 -0200
Subject: [CLA-2000:351] Conectiva Linux Security Announcement -
CONECTIVA LINUX SECURITY ANNOUNCEMENT
PACKAGE : openssh
SUMMARY : X11 and ssh-agent forwarding problems
DATE : 2000-12-06 15:19:00
ID : CLA-2000:351
RELEASES : 6.0
(This is a specific update for Conectiva Linux 6.0 which has
already been applied to previous versions.) In versions prior to
2.3.0, if the openssh client receives a request for ssh-agent or
X11 forwarding, it does not check if this feature has been
negotiated during session setup and grants access. This could allow
remote access to the client's display and ssh-agent service.
All openssh users should upgrade immediately.
Users of Conectiva Linux version 6.0 or higher may use apt to
- add the following line to /etc/apt/sources.list if it is not
there yet (you may also use linuxconf to do this):
Some of the products that appear on this site are from companies from which QuinStreet receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. QuinStreet does not include all companies or all types of products available in the marketplace.