Updated openssh package fixes security vulnerability
Publication date: 09 Jul 2015Modification date: 09 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-5352
Description
In Portable OpenSSH before 6.9p1, when forwarding X11 connections with ForwardX11Trusted=no, connections made after ForwardX11Timeout expired could be permitted and no longer subject to XSECURITY restrictions because of an ineffective timeout check in ssh (CVE-2015-5352).
References
SRPMS
4/core
- openssh-6.2p2-3.3.mga4
5/core
- openssh-6.6p1-5.1.mga5