- markus@cvs.openbsd.org 2008/04/02 15:36:51

[channels.c] avoid possible hijacking of x11-forwarded connections (back out 1.183) CVE-2008-1483; ok djm@
openssh · Apr 2, 2008 · 5f5cd74 · 5f5cd74
1 parent 0abb232
commit 5f5cd74
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,10 @@
+20080403
+ - (djm) OpenBSD CVS sync:
+   - markus@cvs.openbsd.org 2008/04/02 15:36:51
+     [channels.c]
+     avoid possible hijacking of x11-forwarded connections (back out 1.183)
+     CVE-2008-1483; ok djm@
+
 20080327
  - (dtucker) Cache selinux status earlier so we know if it's enabled after a
    chroot.  Allows ChrootDirectory to work with selinux support compiled in
@@ -3825,4 +3832,4 @@
    OpenServer 6 and add osr5bigcrypt support so when someone migrates
    passwords between UnixWare and OpenServer they will still work. OK dtucker@
 
-$Id: ChangeLog,v 1.4897 2008/03/27 06:53:09 djm Exp $
+$Id: ChangeLog,v 1.4898 2008/04/02 21:43:57 djm Exp $
diff --git a/channels.c b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.272 2008/01/19 23:02:40 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.273 2008/04/02 21:36:51 markus Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2906,9 +2906,6 @@ x11_create_display_inet(int x11_display_offset, int x11_use_localhost,
 				debug2("bind port %d: %.100s", port, strerror(errno));
 				close(sock);
 
-				if (ai->ai_next)
-					continue;
-
 				for (n = 0; n < num_socks; n++) {
 					close(socks[n]);
 				}