Package name: openssh
Date: October 6th, 2005
Advisory ID: MDKSA-2005:172
Affected versions: 10.2

Problem Description

sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled,
allows GSSAPI credentials to be delegated to clients who log in using
non-GSSAPI methods, which could cause those credentials to be exposed
to untrusted users or hosts.

GSSAPI is only enabled in versions of openssh shipped in LE2005 and
greater.

The updated packages have been patched to correct this issue.
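
A configuration audit for the condition described above, as an added example that is not part of the advisory or of OpenSSH: it lists the active GSSAPIAuthentication and GSSAPIDelegateCredentials directives in OpenSSH-style configuration text read from standard input. The function names and the sample configuration are constructed for illustration; GSSAPIAuthentication is the standard OpenSSH keyword that turns GSSAPI on.

```shell
#!/bin/sh
# Added example (not from the advisory): list active GSSAPI directives in
# OpenSSH-style configuration text read from stdin, one per line, as
# "<scope>: <keyword> <value>". Every matching directive is reported; the
# script does not resolve which one OpenSSH would finally apply.
gssapi_settings() {
    awk '
    BEGIN { scope = "global" }
    {
        line = $0
        sub(/^[ \t]+/, "", line)              # leading whitespace is ignored
        if (line == "" || line ~ /^#/) next   # blank lines and comments
        n = match(line, /[ \t=]/)             # keyword ends at whitespace or "="
        if (n == 0) next                      # keyword without an argument
        key = tolower(substr(line, 1, n - 1)) # keywords are case-insensitive
        val = substr(line, n)
        sub(/^[ \t]*=?[ \t]*/, "", val)       # separator: whitespace, optional "="
        sub(/[ \t]+$/, "", val)
        gsub(/"/, "", val)                    # arguments may be double-quoted
        if (key == "host" || key == "match") { scope = key " " val; next }
        if (key == "gssapiauthentication" || key == "gssapidelegatecredentials")
            print scope ": " key " " tolower(val)
    }'
}

# Succeeds (exit 0) when any active directive turns credential delegation on.
delegates_credentials() {
    gssapi_settings | grep -q ': gssapidelegatecredentials yes$'
}

# Constructed sample configuration; hosts and values are illustrative only.
sample_config() {
    cat <<'EOF'
# constructed sample
GSSAPIAuthentication yes
#GSSAPIDelegateCredentials yes
Host *.example.test
    gssapidelegatecredentials = "yes"
Host *
    GSSAPIDelegateCredentials no
EOF
}

sample_config | gssapi_settings
if sample_config | delegates_credentials; then
    echo "credential delegation is enabled in at least one scope"
fi
```

To audit a real file, redirect it into the function, for example `gssapi_settings < /etc/ssh/ssh_config`; that path is the usual OpenSSH location and is an assumption here.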

Updated Packages

Mandriva Linux LE2005

5b16f3323d58303c290bf4b8c4e2a4b3  10.2/RPMS/openssh-3.9p1-9.1.102mdk.i586.rpm
2a7fca4e1c99008a53cb9498c1bd9840  10.2/RPMS/openssh-askpass-3.9p1-9.1.102mdk.i586.rpm
65f397d175fb638d0e73912a7e9faa7d  10.2/RPMS/openssh-askpass-gnome-3.9p1-9.1.102mdk.i586.rpm
2733baa7c0258da37920d66a7f1ee9d3  10.2/RPMS/openssh-clients-3.9p1-9.1.102mdk.i586.rpm
a93cd3020e41bd6b25c3fa57ca8586f8  10.2/RPMS/openssh-server-3.9p1-9.1.102mdk.i586.rpm
f90cfc307f313e14ddd919fc729f1984  10.2/SRPMS/openssh-3.9p1-9.1.102mdk.src.rpm

Mandriva Linux LE2005/X86_64

545f0245578cee586f2ded4b3616061a  x86_64/10.2/RPMS/openssh-3.9p1-9.1.102mdk.x86_64.rpm
98962ab477d7cc19338d04acdb462ec1  x86_64/10.2/RPMS/openssh-askpass-3.9p1-9.1.102mdk.x86_64.rpm
0935a8dd00cdb2604e6fd37a6913cb91  x86_64/10.2/RPMS/openssh-askpass-gnome-3.9p1-9.1.102mdk.x86_64.rpm
7c124895fc7fad47d1e88ee3ebe91daf  x86_64/10.2/RPMS/openssh-clients-3.9p1-9.1.102mdk.x86_64.rpm
27bc59e934f3d196470611cc4e9dd430  x86_64/10.2/RPMS/openssh-server-3.9p1-9.1.102mdk.x86_64.rpm
f90cfc307f313e14ddd919fc729f1984  x86_64/10.2/SRPMS/openssh-3.9p1-9.1.102mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2798

Upgrade

To upgrade automatically, use MandrivaUpdate.


Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:

    rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, verification of the MD5 checksum and GPG signature is performed automatically for you.