I recently upgraded to v3.7.1p2 and now when I su to root and ssh to another host as root, I get a warning "Warning: No xauth data; using fake authentication data for X11 forwarding." I think this is because root is unable to access my regular user account's .Xauthority file (homedir is on root-squashed NFS server). When I run "ssh -x" I don't get this error message. Did older versions of ssh not try to do X11 forwarding if they couldn't access the local .Xauthority file? Is this a bug? I have "ForwardX11 yes" set in ssh_config. I can post the full config if that would be helpful. Also I can post debug output from client or server.
Do you have UsePrivilegeSeparation enabled? If not, does enabling it make any difference?
Took another look: it's just a warning (and thus will be suppressed with "ssh -q" or "LogLevel QUIET" in a config file). From the code in question (ssh.c): /* * If we didn't get authentication data, just make up some * data. The forwarding code will check the validity of the * response anyway, and substitute this data. The X11 * server, however, will ignore this fake data and use * whatever authentication mechanisms it was using otherwise * for the local connection. */ So, yes, it's probably due to your .Xauthority not being readable but it's not anything to worry about (and there's nothing much that ssh could do about it anyway...)
Change all RESOLVED bug to CLOSED with the exception of the ones fixed post-4.4.