[DLA 42-1] live-config security update

To: debian-lts-announce@lists.debian.org
Subject: [DLA 42-1] live-config security update
From: Luciano Bello <luciano@debian.org>
Date: Fri, 29 Aug 2014 05:07:25 +0200
Message-id: <[🔎] 1537698.QPnD9Ji7yW@mybox>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : live-config
Version        : 2.0.15-1.1+deb6u1
Debian Bug     : 741678

A vulnerability against Debian Live, the live systems project, was reported. The 
default, the live images include a SSH server allowing for log in with default 
user and password. This fix set PasswordAuthentication in /etc/ssh/sshd_config 
as "no".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCAAGBQJT/+4sAAoJEG7C3vaP/jd03fMP/0IhsNcxkFlwHwIXeQoUBzn5
lkbw+PFeoiXgbi2/NXeVDQ+utNYNz7tJwmmgoTR9T/LkInB5nV9KgtSl8oJDWz60
uODGjNKBGaF+mUqFE/Jk/UTzcguf+XoVAWgQpDWE324RvAG7qEt8lmpO2sfXQJcx
uVKieKXMWzBjYa9G6Tvc22yK1JP0/EWB3kAN3qBRmmech/IXbp3PXz1Xf5/Pm4Tn
M3vjC2UGb2Bo8LCMR/qUwhbMJ1DzecB3niexri2bEBAdTxKYNF4d4xSvl42KiQ1y
epS1NZ5baVQoxDjsOvvbocTNiHNP48oKmJidtFg77pNL/s+GdvyYqlG1cf1qzATH
f+UIFo837E/Hal599Y/IZtcxCgVmxjhZ8Ze45rFnjb640USfVOgRNOCf4Eg2h5Dc
nGj6i2ZnKJxvCI46AcIvCJ2AS8OGMRTUqJVciotiBjifUQv7jQp5mHQdXCSK6sQc
vVSzJzpzUGGudbbWZZxlaVUHkHAKigMBfMucfnEHjF5rD66qwxrZQih5poY9EHsW
BnWYq+Q0uVISvy/BvEQZi1W7V9nAXcrTFIZGeMuiPOVy9mIphmCkyKUZJgkYx6Wj
U0oKXO1X1c7MH39ZjQeCrYFe5grL8cNNqpM6h+kHJqWzbNzvqBLtzeaYq9WLRUl3
o9UgFFmtuuL6aamo9zyz
=SuJj
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [DLA 41-1] python-imaging security update
Previous by thread: [DLA 41-1] python-imaging security update
Index(es):
- Date
- Thread