UbuntuUpdates.org

Package "openssh"

Name: openssh

Description:

This package is just an umbrella for a group of other packages; it has no description of its own.
Description samples from packages in group:

  • secure shell (SSH) client, for secure access to remote machines
  • secure shell (SSH) server, for secure access from remote machines
  • secure shell client and server (metapackage)
  • interactive X program to prompt users for a passphrase for ssh-add

Latest version: 1:5.9p1-5ubuntu1.10
Release: precise (12.04)
Level: security
Repository: main

Other versions of "openssh" in Precise

Repository   Area       Version
base         universe   1:5.9p1-5ubuntu1
base         main       1:5.9p1-5ubuntu1
security     universe   1:5.9p1-5ubuntu1.10
updates      universe   1:5.9p1-5ubuntu1.10
updates      main       1:5.9p1-5ubuntu1.10


Changelog

Version: 1:5.9p1-5ubuntu1.10 2016-08-15 18:07:10 UTC

  openssh (1:5.9p1-5ubuntu1.10) precise-security; urgency=medium

  * SECURITY UPDATE: user enumeration via covert timing channel
    - debian/patches/CVE-2016-6210-1.patch: determine appropriate salt for
      invalid users in auth-passwd.c, openbsd-compat/xcrypt.c.
    - debian/patches/CVE-2016-6210-2.patch: mitigate timing of disallowed
      users PAM logins in auth-pam.c.
    - debian/patches/CVE-2016-6210-3.patch: search users for one with a
      valid salt in openbsd-compat/xcrypt.c.
    - CVE-2016-6210
  * SECURITY UPDATE: denial of service via long passwords
    - debian/patches/CVE-2016-6515.patch: skip passwords longer than 1k in
      length in auth-passwd.c.
    - CVE-2016-6515

 -- Marc Deslauriers <email address hidden> Thu, 11 Aug 2016 08:44:39 -0400

Source diff to previous version
CVE-2016-6210 User enumeration via covert timing channel
CVE-2016-6515 The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows r

Version: 1:5.9p1-5ubuntu1.9 2016-05-09 20:08:46 UTC

  openssh (1:5.9p1-5ubuntu1.9) precise-security; urgency=medium

  * SECURITY UPDATE: privilege escalation via environment files when
    UseLogin is configured
    - debian/patches/CVE-2015-8325.patch: ignore PAM environment vars when
      UseLogin is enabled in session.c.
    - CVE-2015-8325
  * SECURITY UPDATE: fallback from untrusted X11-forwarding to trusted
    - debian/patches/CVE-2016-1908-1.patch: use stack memory in
      clientloop.c.
    - debian/patches/CVE-2016-1908-2.patch: eliminate fallback in
      clientloop.c, clientloop.h, mux.c, ssh.c.
    - CVE-2016-1908
  * SECURITY UPDATE: shell-command restrictions bypass via crafted X11
    forwarding data
    - debian/patches/CVE-2016-3115.patch: sanitise characters destined for
      xauth in session.c.
    - CVE-2016-3115

 -- Marc Deslauriers <email address hidden> Thu, 05 May 2016 08:43:04 -0400

Source diff to previous version
CVE-2015-8325 ignore PAM environment vars when UseLogin=yes
CVE-2016-1908 Eliminate the fallback from untrusted X11-forwarding to trusted forwarding for cases when the X server disables the SECURITY extension
CVE-2016-3115 Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-comman

Version: 1:5.9p1-5ubuntu1.8 2016-01-14 16:07:09 UTC

  openssh (1:5.9p1-5ubuntu1.8) precise-security; urgency=medium

  * SECURITY UPDATE: information leak and overflow in roaming support
    - debian/patches/CVE-2016-077x.patch: completely disable roaming option
      in readconf.c.
    - CVE-2016-0777
    - CVE-2016-0778

 -- Marc Deslauriers Wed, 13 Jan 2016 10:49:17 -0500

Source diff to previous version

Version: 1:5.9p1-5ubuntu1.7 2015-08-18 15:07:28 UTC

  openssh (1:5.9p1-5ubuntu1.7) precise-security; urgency=medium

  * SECURITY REGRESSION: random auth failures because of uninitialized
    struct field (LP: #1485719)
    - debian/patches/CVE-2015-5600-2.patch:

 -- Marc Deslauriers Mon, 17 Aug 2015 21:53:19 -0400

Source diff to previous version
1485719 Uninitialized struct field in the fix for CVE-2015-5600 causes random auth failures
CVE-2015-5600 The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive dev

Version: 1:5.9p1-5ubuntu1.6 2015-08-14 16:07:02 UTC

  openssh (1:5.9p1-5ubuntu1.6) precise-security; urgency=medium

  * SECURITY UPDATE: possible user impersonation via PAM support
    - debian/patches/pam-security-1.patch: don't resend username to PAM in
      monitor.c, monitor_wrap.c.
    - CVE number pending
  * SECURITY UPDATE: use-after-free in PAM support
    - debian/patches/pam-security-2.patch: fix use after free in monitor.c.
    - CVE number pending
  * SECURITY UPDATE:
    - debian/patches/CVE-2015-5600.patch: only query each
      keyboard-interactive device once per authentication request in
      auth2-chall.c.
    - CVE-2015-5600
  * SECURITY UPDATE: X connections access restriction bypass
    - debian/patches/CVE-2015-5352.patch: refuse ForwardX11Trusted=no
      connections attempted after ForwardX11Timeout expires in channels.c,
      channels.h, clientloop.c.
    - CVE-2015-5352

 -- Marc Deslauriers Fri, 14 Aug 2015 07:45:28 -0400

CVE-2015-5600 The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive dev
CVE-2015-5352 The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadli
