Updated openssh packages fix security vulnerability
Publication date: 01 Jan 2018Modification date: 01 Jan 2018
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-10012 , CVE-2017-15906
Description
It was found that the boundary checks in the code implementing support for
pre-authentication compression could have been optimized out by certain
compilers. An attacker able to compromise the privilege-separated process
could possibly use this flaw for further attacks against the privileged
monitor process (CVE-2016-10012).
The process_open function in sftp-server.c in OpenSSH before 7.6 does not
properly prevent write operations in readonly mode, which allows attackers
to create zero-length files (CVE-2017-15906).
References
- https://bugs.mageia.org/show_bug.cgi?id=19987
- https://bugzilla.redhat.com/show_bug.cgi?id=1406293
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VZIQDU7D6MLXFXZ4R3ZG2FCH6EDR3MBD/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10012
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15906
SRPMS
5/core
- openssh-6.6p1-5.10.mga5