Source: openssh Severity: important Tags: security Hi Colin, CVE-2015-5352 was assigned to this change from 6.9:
> * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no, > connections made after ForwardX11Timeout expired could be permitted > and no longer subject to XSECURITY restrictions because of an > ineffective timeout check in ssh(1) coupled with "fail open" > behaviour in the X11 server when clients attempted connections with > expired credentials. This problem was reported by Jann Horn. Fix: https://anongit.mindrot.org/openssh.git/commit/?h=V_6_9&id=1bf477d3cdf1a864646d59820878783d42357a1d I don't think this warrants a DSA, we can line up the fix for a future DSA or a jessie point update. Or do yo disagree? Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
