Security Fix : OpenSSH
A new advisories has been released for OpenSSH package which is now upgraded to 5.0. Along with this are update to mercurial and mkinitrd and also inclusion of dbus-python. Here's the latest -Current changelog:
Fri Apr 4 13:47:24 CDT 2008
a/mkinitrd-1.3.2-i486-1.tgz: Patched to fix problems with previous settings getting overwritten with a plain "mkinitrd", and added support for non-US keyboards. Thanks to Eric Hameleers.
d/mercurial-1.0-i486-1.tgz: Upgraded to mercurial-1.0.
l/dbus-python-0.82.4-i486-1.tgz: Added dbus-python-0.82.4, which is needed for the correct operation of hplip. Thanks to Robby Workman.
n/openssh-5.0p1-i486-1.tgz: Upgraded to openssh-5.0p1.
This version fixes a security issue where local users could hijack forwarded X connections. Upgrading to the new package is highly recommended.
For more information on this security issue, please see:
(* Security fix *)
usb-and-pxe-installers/initrd.img. Removed. Use the initrd.img from isolinux/ as the installer images had become identical. Also see Eric Hameleers' updated README_PXE.TXT.