Updated openssh packages fix security vulnerabilities
Publication date: 15 Jan 2016Modification date: 15 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0777 , CVE-2016-0778
Description
An information leak flaw was found in the way the OpenSSH client roaming
feature was implemented. A malicious server could potentially use this flaw to
leak portions of memory (possibly including private SSH keys) of a
successfully authenticated OpenSSH client (CVE-2016-0777).
A buffer overflow flaw was found in the way the OpenSSH client roaming feature
was implemented. A malicious server could potentially use this flaw to execute
arbitrary code on a successfully authenticated OpenSSH client if that client
used certain non-default configuration options (CVE-2016-0778).
The issue only affects OpenSSH clients making use of the ProxyCommand feature.
This update disables the roaming feature completely.
References
- https://bugs.mageia.org/show_bug.cgi?id=17494
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0777
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0778
- http://www.openssh.com/security.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
SRPMS
5/core
- openssh-6.6p1-5.6.mga5