CVSROOT: /cvs Module name: src Changes by: dtuc...@cvs.openbsd.org 2012/01/18 14:46:43
Modified files:
usr.bin/ssh : clientloop.c
Log message:
Ensure that $DISPLAY contains only valid characters before using it to
extract xauth data so that it can't be used to play local shell
metacharacter games. Report from r00t_ati at ihteam.net, ok markus.
