OpenSSH release 4.7 fixes the following security-related issue:
* Prevent ssh(1) from using a trusted X11 cookie if creation of an
untrusted cookie fails; found and fixed by Jan Pechanec.
OpenSSH 4.7 release notes:
The Red Hat Security Response Team has rated this issue as having low
security impact; a future update may address this flaw. More
information regarding issue severity can be found here:
This issue did not affect openssh packages as distributed with Red Hat
Enterprise Linux 2.1 or 3, as they do not support Trusted X11
On Red Hat Enterprise Linux 4 and 5, Trusted X11 forwarding is enabled
in the default ssh client configuration as of Red Hat Enterprise Linux 4
Update 1 and is used whenever X11 forwarding is used. Therefore exploitation
of this issue with the default client configuration will not give an attacker
any additional privileges.
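An added example (not part of the original advisory or of OpenSSH): a minimal Python evaluator for ssh_config text that reports whether a host would take the untrusted-cookie path this issue concerns, that is, X11 forwarding on with ForwardX11Trusted off. The sample config and host names are constructed, the `no` defaults are the upstream OpenSSH defaults, and `Match` blocks, `Include` and the command-line `-X`/`-Y` options are not evaluated.

```python
import fnmatch

# Constructed sample config: one host group opts out of Trusted X11.
SAMPLE_CONFIG = """\
Host build-*.example.com
    ForwardX11 yes
    ForwardX11Trusted no

Host *
    ForwardX11Trusted yes
"""

def host_matches(patterns, host):
    """Host line semantics: a negated (!) match vetoes, else any match wins."""
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            matched = True
    return matched

def effective_x11(config_text, host, defaults=("no", "no")):
    """Return (ForwardX11, ForwardX11Trusted); the first value obtained wins."""
    seen = {"forwardx11": None, "forwardx11trusted": None}
    active = True  # options before the first Host line apply to all hosts
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.replace("=", " ", 1).split()  # accept "key=value" too
        if not parts:
            continue
        key, args = parts[0].lower(), parts[1:]
        if key == "host":
            active = host_matches(args, host)
        elif key == "match":
            active = False  # Match blocks are not evaluated here
        elif active and key in seen and seen[key] is None and args:
            seen[key] = args[0].lower()
    return (seen["forwardx11"] or defaults[0],
            seen["forwardx11trusted"] or defaults[1])

def untrusted_cookie_path_used(config_text, host):
    """True when X11 forwarding is on and ForwardX11Trusted is not 'yes'."""
    fwd, trusted = effective_x11(config_text, host)
    return fwd == "yes" and trusted != "yes"
```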
Fixed in Red Hat Enterprise Linux 4 and 5 via: