Package: openssh-server Severity: important Tags: security patch Hi, the following vulnerability was published for openssh-server. CVE-2010-5107[0]: http://www.openwall.com/lists/oss-security/2013/02/06/5 This resulted in the following upstream changes: http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c?r1=1.234#rev1.234 http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config.5?r1=1.156#rev1.156 http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/sshd_config?r1=1.89#rev1.89 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. It would be also great if you could push this to stable-proposed-updates so this is changed for wheezy. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5107 http://security-tracker.debian.org/tracker/CVE-2010-5107 Please adjust the affected versions in the BTS as needed. -- Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
Attachment:
pgpiwR_hKPCzs.pgp
Description: PGP signature