A Red Hat specific patch used in the openssh packages as shipped in Red
Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened certain ownership
requirements for directories used as arguments for the ChrootDirectory
configuration options. A malicious user that also has or previously had
non-chroot shell access to a system could possibly use this flaw to
escalate their privileges and run commands as any system user.
(CVE-2009-2904)
After installing this update, the OpenSSH server daemon (sshd) will be
restarted automatically.