[Midnightbsd-cvs] src [7195] trunk/UPDATING: mention security patches
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Tue Jul 28 20:37:34 EDT 2015
Revision: 7195
http://svnweb.midnightbsd.org/src/?rev=7195
Author: laffer1
Date: 2015-07-28 20:37:33 -0400 (Tue, 28 Jul 2015)
Log Message:
-----------
mention security patches
Modified Paths:
--------------
trunk/UPDATING
Modified: trunk/UPDATING
===================================================================
--- trunk/UPDATING 2015-07-29 00:35:21 UTC (rev 7194)
+++ trunk/UPDATING 2015-07-29 00:37:33 UTC (rev 7195)
@@ -17,6 +17,16 @@
traffic would cease.
Obtained from: FreeBSD 8
+ OpenSSH
+
+ Fix two security vulnerabilities:
+ OpenSSH clients does not correctly verify DNS SSHFP records when a server
+ offers a certificate. [CVE-2014-2653]
+
+ OpenSSH servers which are configured to allow password authentication
+ using PAM (default) would allow many password attempts. A bug allows
+ MaxAuthTries to be bypassed. [CVE-2015-5600]
+
20160726:
BSD Sort updated
More information about the Midnightbsd-cvs
mailing list