Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2016:1455-1

Опубликовано: 31 мая 2016
Источник: suse-cvrf

Описание

Security update for openssh

This update for OpenSSH fixes three security issues.

These security issues were fixed:

  • CVE-2016-3115: Sanitise input for xauth(1) (bsc#970632)
  • CVE-2016-1908: Prevent X11 SECURITY circumvention when forwarding X11 connections (bsc#962313)
  • CVE-2015-8325: Ignore PAM environment when using login (bsc#975865)

These non-security issues were fixed:

  • Fix help output of sftp (bsc#945493)
  • Restarting openssh with openssh-fips installed was not working correctly (bsc#945484)
  • Fix crashes when /proc is not available in the chroot (bsc#947458)
  • Correctly parse GSSAPI KEX algorithms (bsc#961368)
  • More verbose FIPS mode/CC related documentation in README.FIPS (bsc#965576, bsc#960414)
  • Fix PRNG re-seeding (bsc#960414, bsc#729190)
  • Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option (bsc#932483, bsc#948902)

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.1
openssh-6.6p1-11.1
openssh-askpass-gnome-6.6p1-11.1
openssh-cavs-6.6p1-11.1
openssh-fips-6.6p1-11.1
openssh-helpers-6.6p1-11.1

Ссылки

Описание

The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.

Затронутые продукты
openSUSE Leap 42.1:openssh-6.6p1-11.1
openSUSE Leap 42.1:openssh-askpass-gnome-6.6p1-11.1
openSUSE Leap 42.1:openssh-cavs-6.6p1-11.1
openSUSE Leap 42.1:openssh-fips-6.6p1-11.1
Ссылки

Описание

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.

Затронутые продукты
openSUSE Leap 42.1:openssh-6.6p1-11.1
openSUSE Leap 42.1:openssh-askpass-gnome-6.6p1-11.1
openSUSE Leap 42.1:openssh-cavs-6.6p1-11.1
openSUSE Leap 42.1:openssh-fips-6.6p1-11.1
Ссылки

Описание

Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.

Затронутые продукты
openSUSE Leap 42.1:openssh-6.6p1-11.1
openSUSE Leap 42.1:openssh-askpass-gnome-6.6p1-11.1
openSUSE Leap 42.1:openssh-cavs-6.6p1-11.1
openSUSE Leap 42.1:openssh-fips-6.6p1-11.1
Ссылки