Source: openssh Version: 1:7.3p1-5 Severity: important Tags: security upstream
Hi, the following vulnerability was published for openssh. CVE-2016-10012[0]: |sshd(8): shared memory manager bounds checks that could be elided by |some optimising compilers potentially allow attacks against the |privileged monitor process from the sandboxed privilege-separation |process If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-10012 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012 Please adjust the affected versions in the BTS as needed. I'm not sure if this is a problem in practice in Debian. Source-wise it is fixed in the new upstream version. Regards, Salvatore
