SUSE-SU-2025:01638-1

Published: 21 May 2025
Source: suse-cvrf

Description

Security update for openssh

This update for openssh fixes the following issue:

Security fixes:

  • CVE-2025-32728: Fixed logic error in DisableForwarding option (bsc#1241012)

Other fixes:

  • Fix ssh client segfault with GSSAPIKeyExchange=yes in ssh_kex2 due to gssapi proposal not being correctly initialized (bsc#1236826). The problem was introduced in the rebase of the patch for 9.6p1.
  • Enable --with-logind to call the SetTTY dbus method in systemd. This allows 'wall' to print messages in ssh ttys (bsc#1239671)

Package list

SUSE Linux Enterprise Module for Basesystem 15 SP6:

  • openssh-9.6p1-150600.6.26.1
  • openssh-clients-9.6p1-150600.6.26.1
  • openssh-common-9.6p1-150600.6.26.1
  • openssh-fips-9.6p1-150600.6.26.1
  • openssh-helpers-9.6p1-150600.6.26.1
  • openssh-server-9.6p1-150600.6.26.1
  • openssh-server-config-disallow-rootlogin-9.6p1-150600.6.26.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP6:

  • openssh-askpass-gnome-9.6p1-150600.6.26.1

openSUSE Leap 15.6:

  • openssh-9.6p1-150600.6.26.1
  • openssh-askpass-gnome-9.6p1-150600.6.26.1
  • openssh-cavs-9.6p1-150600.6.26.1
  • openssh-clients-9.6p1-150600.6.26.1
  • openssh-common-9.6p1-150600.6.26.1
  • openssh-fips-9.6p1-150600.6.26.1
  • openssh-helpers-9.6p1-150600.6.26.1
  • openssh-server-9.6p1-150600.6.26.1
  • openssh-server-config-disallow-rootlogin-9.6p1-150600.6.26.1

Description

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.


Affected products
SUSE Linux Enterprise Module for Basesystem 15 SP6:openssh-9.6p1-150600.6.26.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:openssh-clients-9.6p1-150600.6.26.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:openssh-common-9.6p1-150600.6.26.1
SUSE Linux Enterprise Module for Basesystem 15 SP6:openssh-fips-9.6p1-150600.6.26.1

References