K 10
svn:author
V 7
delphij
K 8
svn:date
V 27
2017-01-11T05:42:06.825627Z
K 7
svn:log
V 364
Apply upstream fix for CVE-2016-10009 and CVE-2016-10010:

  add a whitelist of paths from which ssh-agent will load (via
  ssh-pkcs11-helper) a PKCS#11 module; ok markus@

  disable Unix-domain socket forwarding when privsep is disabled

(Note that this is a backport of upstream fixes, and this commit
is mainly to ease future imports).

Obtained from:  OpenBSD

END