This new release fixes multiple bugs in the new PAM code, which are in addition to the other recent Buffer Management Bugs. As I previously posted about this issue, I was expecting this new release to come shortly & as always, the OpenBSD/OpenSSH team have not waited around. Like I already stated this issue does not affect OpenSSH on OpenBSD - only the portable versions 3.7p & 3.7.1p1 are vulnerable. View the advisory here, either upgrade or disable PAM support.
Post ID: 66, posted by jase at 09:02 PMThanks for signing in, . Now you can comment. (sign out)
(If you haven't left a comment here before, you may need to be approved before your comment will appear.)