CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	delphij <delphij@FreeBSD.org>
	Wed, 11 Jan 2017 05:42:06 +0000 (05:42 +0000)
committer	delphij <delphij@FreeBSD.org>
	Wed, 11 Jan 2017 05:42:06 +0000 (05:42 +0000)
commit	87ff7d220606ad76e4059f6d46dd01a342643300
tree	2ca10808770781c0ec6670edd0f06416e96e9268	tree \| snapshot
parent	aee5ba51da67c4f585832472e4b06650506edfda	commit \| diff

Apply upstream fix for CVE-2016-10009 and CVE-2016-10010:

  add a whitelist of paths from which ssh-agent will load (via
  ssh-pkcs11-helper) a PKCS#11 module; ok markus@

  disable Unix-domain socket forwarding when privsep is disabled

(Note that this is a backport of upstream fixes, and this commit
is mainly to ease future imports).

Obtained from:  OpenBSD

serverloop.c		diff \| blob \| history
ssh-agent.1		diff \| blob \| history
ssh-agent.c		diff \| blob \| history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom