001: SECURITY FIX: March 30, 2008 All architectures ** Acá explicado en español. **

sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand directive was in effect, allowing users with write access to this file to execute arbitrary commands. This behaviour was documented, but was an unsafe default and an extra hassle for administrators.

Código del patch


002: SECURITY FIX: April 3, 2008 All architectures

Avoid possible hijacking of X11-forwarded connections with sshd(8) by refusing to listen on a port unless all address families bind successfully.

Código del patch


Para saber como “parchear” OpenBSD pueden ver este tutorial en nuestra Wiki.

Saludos.