Advisories ยป MGASA-2015-0271

Updated openssh package fixes security vulnerability

Publication date: 09 Jul 2015
Modification date: 09 Jul 2015
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-5352

Description

In Portable OpenSSH before 6.9p1, when forwarding X11 connections with
ForwardX11Trusted=no, connections made after ForwardX11Timeout expired
could be permitted and no longer subject to XSECURITY restrictions because
of an  ineffective timeout check in ssh (CVE-2015-5352).
                

References

SRPMS

4/core

5/core