Security Fixs

2008-04-03 10:31:04 por admin

001: SECURITY FIX: March 30, 2008 All architectures ** Acá explicado en español. **


sshd(8) would execute ~/.ssh/rc even when a sshd_config(5) ForceCommand directive was in effect, allowing users with write access to this file to execute arbitrary commands. This behaviour was documented, but was an unsafe default and an extra hassle for administrators.


Código del patch



002: SECURITY FIX: April 3, 2008 All architectures


Avoid possible hijacking of X11-forwarded connections with sshd(8) by refusing to listen on a port unless all address families bind successfully.


Código del patch



Para saber como "parchear" OpenBSD pueden ver este tutorial en nuestra Wiki.


Saludos.