OpenSSH update fixes recent vulnerabilities
Source: Techtonic - Posted by Benjamin D. Thomas   
Security Projects The first fix prevents "GatewayPorts" from being "incorrectly activated for dynamic ('-D') port forwardings when no listen address was explicitly specified," according to the changelog. The update also prevents GSSAPI credentials being "delegated to users who log in with methods other than GSSAPI authentication (e.g. public key) when the client requests it." The update also includes a host of bug fixes, improvements and added features according to the announcement.

Server shell (SSH) technology is used to encrypt network traffic that otherwise is relatively open to eavesdropping and attack. OpenSSH is one of the open source alternatives to proprietary secure shell software.

Read this full article at Techtonic

Only registered users can write comments.
Please login or register.

Powered by AkoComment!