Package name
openssh
Date
2014-04-09
Advisory ID
MDVSA-2014:068
Affected versions
MBS1 x86_64

Problem description

Updated openssh packages fix security vulnerabilities:

sshd in OpenSSH before 6.6 does not properly support wildcards
on AcceptEnv lines in sshd_config, which allows remote attackers to
bypass intended environment restrictions by using a substring located
before a wildcard character (CVE-2014-2532).
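
As an added example (not part of the advisory or of OpenSSH), the shell function below lists every AcceptEnv pattern in an sshd_config that contains a wildcard, so those lines can be reviewed on hosts that have not yet been updated. The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: find AcceptEnv patterns that use a wildcard (* or ?),
# the construct affected by CVE-2014-2532.

# Print "lineno:pattern" for each wildcard AcceptEnv pattern.
# Reads the file(s) given as arguments, or stdin when none are given.
acceptenv_wildcards() {
    awk '
        /^[[:space:]]*#/ { next }            # skip comment lines
        tolower($1) == "acceptenv" {         # keywords are case-insensitive
            # one AcceptEnv line may carry several patterns
            for (i = 2; i <= NF; i++)
                if ($i ~ /[*?]/) print NR ":" $i
        }
    ' "$@"
}

# Constructed sample sshd_config (hypothetical, not from the advisory).
sample_config() {
    cat <<'EOF'
# AcceptEnv COMMENTED_*
Port 22
AcceptEnv LANG LC_*
acceptenv GIT_AUTHOR_NAME XMODIFIERS
Match User deploy
    AcceptEnv DEPLOY_?? TERM
EOF
}

# Demo run on the constructed sample; on a real host use e.g.
#   acceptenv_wildcards /etc/ssh/sshd_config
sample_config | acceptenv_wildcards
```

The fixed packages this advisory lists are still version 5.9p1, so on MBS1 the upstream "before 6.6" version string does not tell a patched host from an unpatched one; compare the package release (6.3.mbs1) instead.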

Matthew Vernon reported that if an SSH server offers a HostCertificate
that the ssh client doesn't accept, then the client doesn't check
the DNS for SSHFP records. As a consequence a malicious server can
disable SSHFP-checking by presenting a certificate (CVE-2014-2653).

Updated packages

MBS1 x86_64

 753bd40deb60429adc6a7c1afd63ee3d  mbs1/x86_64/openssh-5.9p1-6.3.mbs1.x86_64.rpm
 377e7fbb14f72a1e32da41f19be7baa8  mbs1/x86_64/openssh-askpass-5.9p1-6.3.mbs1.x86_64.rpm
 a906db623fc8d56eab9b8b99b1af84d9  mbs1/x86_64/openssh-askpass-common-5.9p1-6.3.mbs1.x86_64.rpm
 9fc03d4929efdf21a26aef308eb66f14  mbs1/x86_64/openssh-askpass-gnome-5.9p1-6.3.mbs1.x86_64.rpm
 f2dbea4a0a8109bc835c69e871f07a69  mbs1/x86_64/openssh-clients-5.9p1-6.3.mbs1.x86_64.rpm
 a20d329b8332ff7f7f10dd541a3865a9  mbs1/x86_64/openssh-server-5.9p1-6.3.mbs1.x86_64.rpm 
 0fd2c0a9338a7e8e8747c2ea3ae43c49  mbs1/SRPMS/openssh-5.9p1-6.3.mbs1.src.rpm

References