This bug was fixed in the package openssh - 1:4.6p1-5ubuntu0.1
---------------
openssh (1:4.6p1-5ubuntu0.1) gutsy-security; urgency=low
* SECURITY UPDATE: trusted cookie leak when untrusted cookie cannot be
generated.
* debian/control: Updated Maintainer Field to follow Ubuntu Maintainer Policy
* clientloop.c: Applied patch according to openssh upstream (LP: #162171),
thanks to Stephan Hermann.
* References:
CVE-2007-4752
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=444738
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/clientloop.c.diff?r1=1.180&r2=1.181
-- Kees Cook <[EMAIL PROTECTED]> Wed, 09 Jan 2008 12:37:26 -0800
** Changed in: openssh (Ubuntu Gutsy)
Status: Fix Committed => Fix Released
** Changed in: openssh (Ubuntu Feisty)
Status: Fix Committed => Fix Released
--
[CVE-2007-4752] ssh in OpenSSH before 4.7 does not properly handle...
https://bugs.launchpad.net/bugs/162171
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
