Advisories ยป MGASA-2019-0156

Updated openssh packages fix security vulnerabilities

Publication date: 12 May 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-6109 , CVE-2019-6111

Description

Updated openssh packages fix security vulnerabilities:

Due to missing character encoding in the progress display, the object
name can be used to manipulate the client output, for example to employ
ANSI codes to hide additional files being transferred (CVE-2019-6109).

Due to scp client insufficient input validation in path names sent by
server, a malicious server can do arbitrary file overwrites in target
directory. If the recursive (-r) option is provided, the server can
also manipulate subdirectories as well (CVE-2019-6111).

The check added in this version can lead to regression if the client and
the server have differences in wildcard expansion rules. If the server is
trusted for that purpose, the check can be disabled with a new -T option
to the scp client.
                

References

SRPMS

6/core