Advisories : X11 and ssh-agent forwarding problems

main menu

- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news

discussions

- read forum
- new topic
- search

meetings

- meetings list
- recent additions
- add your info

top 100 sites

- visit top sites
- sign up now
- members

webmasters

- add your url
- add domain
- search box
- link to us

projects

- our projects
- free email

m4d network

- security software
- secureroot
- m4d.com

Home : Advisories : X11 and ssh-agent forwarding problems

Title:	X11 and ssh-agent forwarding problems
Released by:	Conectiva
Date:	6th December 2000
Printable version:	Click here

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1



- -----------------------------------------------------------------------

CONECTIVA LINUX SECURITY ANNOUNCEMENT

- -----------------------------------------------------------------------



PACKAGE   : openssh

SUMMARY   : X11 and ssh-agent forwarding problems

DATE      : 2000-12-06 15:19:00

ID        : CLA-2000:351

RELEVANT

RELEASES  : 6.0



- ----------------------------------------------------------------------



DESCRIPTION

 (This is a specific update for Conectiva Linux 6.0 which has already

 been applied to previous versions.)

 In versions prior to 2.3.0, if the openssh client receives a request

 for ssh-agent or X11 forwarding, it does not check if this feature

 has been negotiated during session setup and grants access.

 This could allow remote access to the client's display and ssh-agent

 service.





SOLUTION

 All openssh users should upgrade immediately.





DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES

http://atualizacoes.conectiva.com.br/6.0/SRPMS/openssh-2.3.0p1-1cl.src.rpm

http://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-2.3.0p1-1cl.i386.rpm

http://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-askpass-2.3.0p1-1cl.i386.rpm

http://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-askpass-gnome-2.3.0p1-1cl.i386.rpm

http://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-clients-2.3.0p1-1cl.i386.rpm

http://atualizacoes.conectiva.com.br/6.0/RPMS/openssh-server-2.3.0p1-1cl.i386.rpm





ADDITIONAL INSTRUCTIONS

 Users of Conectiva Linux version 6.0 or higher may use apt to perform

 upgrades:

 - add the following line to /etc/apt/sources.list if it is not there yet

   (you may also use linuxconf to do this):



 rpm [cncbr] http://atualizacoes.conectiva.com.br 6.0/conectiva updates



 - run:                 apt-get update

 - after that, execute: apt-get upgrade



 Detailed instructions reagarding the use of apt and upgrade examples

 can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en





- ----------------------------------------------------------------------

All packages are signed with Conectiva's GPG key. The key can be

obtained at http://www.conectiva.com.br/contato



- -----------------------------------------------------------------------

All our advisories and generic update instructions can be viewed at

http://www.conectiva.com.br/suporte/atualizacoes



- ----------------------------------------------------------------------

subscribe: atualizacoes-anuncio-subscribe@papaleguas.conectiva.com.br

unsubscribe: atualizacoes-anuncio-unsubscribe@papaleguas.conectiva.com.br

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1.0.4 (GNU/Linux)

Comment: For info see http://www.gnupg.org



iD8DBQE6LnUm42jd0JmAcZARAg9VAKCSd+WQsLBbUqHEYJ5kS1mNhIQFTQCgyR1b

3fGrlK64WO9AnPrsoyZGB70=

=OEo6

-----END PGP SIGNATURE-----