pkgsrc-changes: CVS commit: pkgsrc/security/lsh

Subject: CVS commit: pkgsrc/security/lsh
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 04/05/2006 23:59:33

Module Name:	pkgsrc
Committed By:	salo
Date:		Wed Apr  5 23:59:33 UTC 2006

Modified Files:
	pkgsrc/security/lsh: Makefile distinfo
Added Files:
	pkgsrc/security/lsh/patches: patch-ad

Log Message:
Backport fix for CVE-2006-0353 from lsh2:

"unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related
 to the randomness generator, which allows local users to cause a denial
 of service by truncating the seed file, which prevents the server from
 starting, or obtain sensitive seed information that could be used to
 crack keys."

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0353


To generate a diff of this commit:
cvs rdiff -r1.12 -r1.13 pkgsrc/security/lsh/Makefile
cvs rdiff -r1.4 -r1.5 pkgsrc/security/lsh/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/security/lsh/patches/patch-ad

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.