SUSE-SU-2025:1576-1

Опубликовано: 19 мая 2025

Источник: suse-cvrf

Описание

Security update for openssh

This update for openssh fixes the following issues:

Security issues fixed:
- CVE-2025-32728: Fixed a logic error in DisableForwarding option (bsc#1241012)
Other bugs fixed:
- Allow KEX hashes greater than 256 bits (bsc#1241045)
- Fixed hostname being left out of the audit output (bsc#1228634)
- Fixed failures with very large MOTDs (bsc#1232533)

Список пакетов

Container suse/manager/4.3/proxy-ssh:latest

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

Container suse/sle-micro-rancher/5.2:latest

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

Container suse/sle-micro-rancher/5.3:latest

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

Container suse/sle-micro-rancher/5.4:latest

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

Container suse/sle-micro/5.5:latest

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Enterprise Storage 7.1

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Micro 5.1

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Micro 5.2

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Micro 5.3

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Micro 5.4

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Micro 5.5

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Server 15 SP3-LTSS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Server 15 SP4-LTSS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Server 15 SP5-LTSS

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Server for SAP Applications 15 SP4

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Linux Enterprise Server for SAP Applications 15 SP5

openssh-8.4p1-150300.3.49.1

openssh-askpass-gnome-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Manager Proxy 4.3

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

SUSE Manager Server 4.3

openssh-8.4p1-150300.3.49.1

openssh-clients-8.4p1-150300.3.49.1

openssh-common-8.4p1-150300.3.49.1

openssh-fips-8.4p1-150300.3.49.1

openssh-helpers-8.4p1-150300.3.49.1

openssh-server-8.4p1-150300.3.49.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20251576-1/
Link for SUSE-SU-2025:1576-1
https://lists.suse.com/pipermail/sle-updates/2025-May/039241.html
E-Mail link for SUSE-SU-2025:1576-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1228634
SUSE Bug 1228634
https://bugzilla.suse.com/1232533
SUSE Bug 1232533
https://bugzilla.suse.com/1241012
SUSE Bug 1241012
https://bugzilla.suse.com/1241045
SUSE Bug 1241045
https://www.suse.com/security/cve/CVE-2025-32728/
SUSE CVE CVE-2025-32728 page

Описание

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.

Затронутые продукты

Container suse/manager/4.3/proxy-ssh:latest:openssh-8.4p1-150300.3.49.1

Container suse/manager/4.3/proxy-ssh:latest:openssh-clients-8.4p1-150300.3.49.1

Container suse/manager/4.3/proxy-ssh:latest:openssh-common-8.4p1-150300.3.49.1

Container suse/manager/4.3/proxy-ssh:latest:openssh-fips-8.4p1-150300.3.49.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-32728.html
CVE-2025-32728
https://bugzilla.suse.com/1241012
SUSE Bug 1241012

SUSE-SU-2025:1576-1

Описание

Список пакетов

Container suse/manager/4.3/proxy-ssh:latest

Container suse/sle-micro-rancher/5.2:latest

Container suse/sle-micro-rancher/5.3:latest

Container suse/sle-micro-rancher/5.4:latest

Container suse/sle-micro/5.5:latest

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Micro 5.2

SUSE Linux Enterprise Micro 5.3

SUSE Linux Enterprise Micro 5.4

SUSE Linux Enterprise Micro 5.5

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server 15 SP5-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Linux Enterprise Server for SAP Applications 15 SP5

SUSE Manager Proxy 4.3

SUSE Manager Server 4.3

Ссылки

Уязвимость: CVE-2025-32728

Описание

Затронутые продукты

Ссылки