Bug 441066

Summary: OpenSSH 5.0p1 was released
Product: [Fedora] Fedora Reporter: Robert Scheck <redhat-bugzilla>
Component: opensshAssignee: Tomas Mraz <tmraz>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: rawhideCC: thoger
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://www.openssh.org/txt/release-5.0
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-04-08 02:55:35 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Robert Scheck 2008-04-05 14:30:05 EDT
Description of problem:
Changes since OpenSSH 4.9 [Security]: CVE-2008-1483: Avoid possible hijacking 
of X11-forwarded connections by refusing to listen on a port unless all address 
families bind successfully.

Version-Release number of selected component (if applicable):
openssh-4.7p1-9

Expected results:
openssh-5.0p1-1 or later... ;-)
Comment 1 Tomas Hoger 2008-04-06 05:28:29 EDT
Robert, as you have noticed, the only change between 4.9 and 5.0 is the patch
that is used in Fedora packages for a while.  See:

https://bugzilla.redhat.com/show_bug.cgi?id=439079#c1

I don't think this should block F9Target.
Comment 2 Robert Scheck 2008-04-06 05:40:38 EDT
If the patch is already in Fedora, you're right.
Comment 3 Tomas Mraz 2008-04-07 09:41:55 EDT
I plan to upgrade to openssh-5.0p1 after F9 is released - we are already past
feature freeze so a few weeks in testing updates seem to me more appropriate.
Comment 4 Tomas Mraz 2008-04-08 02:55:35 EDT
After reviewing the changes I decided to update it in rawhide.