Red Hat Bugzilla – Full Text Bug Listing
|Summary:||OpenSSH 5.0p1 was released|
|Product:||[Fedora] Fedora||Reporter:||Robert Scheck <redhat-bugzilla>|
|Component:||openssh||Assignee:||Tomas Mraz <tmraz>|
|Status:||CLOSED RAWHIDE||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Fixed In Version:||Doc Type:||Enhancement|
|Doc Text:||Story Points:||---|
|Last Closed:||2008-04-08 02:55:35 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Robert Scheck 2008-04-05 14:30:05 EDT
Description of problem: Changes since OpenSSH 4.9 [Security]: CVE-2008-1483: Avoid possible hijacking of X11-forwarded connections by refusing to listen on a port unless all address families bind successfully. Version-Release number of selected component (if applicable): openssh-4.7p1-9 Expected results: openssh-5.0p1-1 or later... ;-)
Comment 1 Tomas Hoger 2008-04-06 05:28:29 EDT
Robert, as you have noticed, the only change between 4.9 and 5.0 is the patch that is used in Fedora packages for a while. See: https://bugzilla.redhat.com/show_bug.cgi?id=439079#c1 I don't think this should block F9Target.
Comment 2 Robert Scheck 2008-04-06 05:40:38 EDT
If the patch is already in Fedora, you're right.
Comment 3 Tomas Mraz 2008-04-07 09:41:55 EDT
I plan to upgrade to openssh-5.0p1 after F9 is released - we are already past feature freeze so a few weeks in testing updates seem to me more appropriate.
Comment 4 Tomas Mraz 2008-04-08 02:55:35 EDT
After reviewing the changes I decided to update it in rawhide.