Описание
Security update for openssh
This update for OpenSSH fixes three security issues.
These security issues were fixed:
- CVE-2016-3115: Sanitise input for xauth(1) (bsc#970632)
- CVE-2016-1908: Prevent X11 SECURITY circumvention when forwarding X11 connections (bsc#962313)
- CVE-2015-8325: Ignore PAM environment when using login (bsc#975865)
These non-security issues were fixed:
- Fix help output of sftp (bsc#945493)
- Restarting openssh with openssh-fips installed was not working correctly (bsc#945484)
- Fix crashes when /proc is not available in the chroot (bsc#947458)
- Correctly parse GSSAPI KEX algorithms (bsc#961368)
- More verbose FIPS mode/CC related documentation in README.FIPS (bsc#965576, bsc#960414)
- Fix PRNG re-seeding (bsc#960414, bsc#729190)
- Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option (bsc#932483, bsc#948902)
Список пакетов
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP1
Ссылки
- Link for SUSE-SU-2016:1386-1
- E-Mail link for SUSE-SU-2016:1386-1
- SUSE Security Ratings
- SUSE Bug 729190
- SUSE Bug 932483
- SUSE Bug 945484
- SUSE Bug 945493
- SUSE Bug 947458
- SUSE Bug 948902
- SUSE Bug 960414
- SUSE Bug 961368
- SUSE Bug 962313
- SUSE Bug 965576
- SUSE Bug 970632
- SUSE Bug 975865
- SUSE CVE CVE-2015-8325 page
- SUSE CVE CVE-2016-1908 page
- SUSE CVE CVE-2016-3115 page
Описание
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
Затронутые продукты
Ссылки
- CVE-2015-8325
- SUSE Bug 1138392
- SUSE Bug 975865
- SUSE Bug 996040
Описание
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
Затронутые продукты
Ссылки
- CVE-2016-1908
- SUSE Bug 1001712
- SUSE Bug 1005738
- SUSE Bug 1010950
- SUSE Bug 1138392
- SUSE Bug 962313
- SUSE Bug 996040
Описание
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
Затронутые продукты
Ссылки
- CVE-2016-3115
- SUSE Bug 1005738
- SUSE Bug 1010950
- SUSE Bug 1059233
- SUSE Bug 1138392
- SUSE Bug 970632
- SUSE Bug 992296
- SUSE Bug 992991
- SUSE Bug 996040