Advisories » MGASA-2016-0022

Updated openssh packages fix security vulnerabilities

Publication date: 15 Jan 2016
Modification date: 15 Jan 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-0777 , CVE-2016-0778

Description

An information leak flaw was found in the way the OpenSSH client roaming
feature was implemented. A malicious server could potentially use this flaw to
leak portions of memory (possibly including private SSH keys) of a
successfully authenticated OpenSSH client (CVE-2016-0777).

A buffer overflow flaw was found in the way the OpenSSH client roaming feature
was implemented. A malicious server could potentially use this flaw to execute
arbitrary code on a successfully authenticated OpenSSH client if that client
used certain non-default configuration options (CVE-2016-0778).

The issue only affects OpenSSH clients making use of the ProxyCommand feature.
This update disables the roaming feature completely.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=17494
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0777
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0778
• http://www.openssh.com/security.html
• https://www.cve.org/CVERecord?id=CVE-2016-0777
• https://www.cve.org/CVERecord?id=CVE-2016-0778

SRPMS

5/core

• openssh-6.6p1-5.6.mga5