code.ossystems Code Review - openembedded-core.git/commit

]> code.ossystems Code Review - openembedded-core.git/commit

Code Review / openembedded-core.git / commit

author	Armin Kuster <akuster@mvista.com>
	Wed, 9 Sep 2015 00:22:26 +0000 (17:22 -0700)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Sat, 30 Jan 2016 12:01:43 +0000 (12:01 +0000)
commit	ddfe191355a042e6995f7b4b725b108c5bb4d36e
tree	cdc3afc769f82d7ffb6e5d43c1c7014ba3e81cf5	tree \| snapshot
parent	576f63c50badd54b47cdda42a6466bb18984958d	commit \| diff

openssh: CVE-2015-6563 CVE-2015-6564 CVE-2015-6565

three security fixes.

CVE-2015-6563 (Low) openssh: Privilege separation weakness related to PAM support
CVE-2015-6564 (medium) openssh: Use-after-free bug related to PAM support
CVE-2015-6565 (High) openssh: Incorrectly set TTYs to be world-writable

(From OE-Core rev: 259df232b513367a0a18b17e3e377260a770288f)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Conflicts:
meta/recipes-connectivity/openssh/openssh_6.6p1.bb

meta/recipes-connectivity/openssh/openssh/CVE-2015-6563.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/openssh/openssh/CVE-2015-6564.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/openssh/openssh/CVE-2015-6565.patch	[new file with mode: 0644]	blob
meta/recipes-connectivity/openssh/openssh_6.6p1.bb		diff \| blob \| history

Mirror of the official openembedded-core repository

RSS Atom