Commits
Gustavo Zacarias committed ae58da71111
openssh: security bump to version 7.4p1 Fixes: CVE-2016-10009 - ssh-agent(1): Will now refuse to load PKCS#11 modules from paths outside a trusted whitelist CVE-2016-10010 - sshd(8): When privilege separation is disabled, forwarded Unix-domain sockets would be created by sshd(8) with the privileges of 'root' CVE-2016-10011 - sshd(8): Avoid theoretical leak of host private key material to privilege-separated child processes via realloc() CVE-2016-10012 - sshd(8): The shared memory manager used by pre-authentication compression support had a bounds checks that could be elided by some optimising compilers http://seclists.org/oss-sec/2016/q4/708 Drop upstream patch. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>