
Bug#790798: CVE-2015-5352



On Wed, 2015-07-01 21:31:37 +0200, Moritz Muehlenhoff wrote:
> Hi Colin,
> CVE-2015-5352 was assigned to this change from 6.9:
>
>>  * ssh(1): when forwarding X11 connections with ForwardX11Trusted=no,
>>    connections made after ForwardX11Timeout expired could be permitted
>>    and no longer subject to XSECURITY restrictions because of an
>>    ineffective timeout check in ssh(1) coupled with "fail open"
>>    behaviour in the X11 server when clients attempted connections with
>>    expired credentials. This problem was reported by Jann Horn.
>
> Fix:
> https://anongit.mindrot.org/openssh.git/commit/?h=V_6_9&id=1bf477d3cdf1a864646d59820878783d42357a1d

More information about CVE-2015-5352 is available at:
https://thejh.net/written-stuff/openssh-6.8-xsecurity

> I don't think this warrants a DSA, we can line up the fix for a future
> DSA or a jessie point update. Or do you disagree?
>
> Cheers,
>         Moritz
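
Added example, not part of this thread and not OpenSSH code: a C sketch of a fail-closed deadline check for untrusted X11 forwarding, the client-side behaviour the quoted release note says was ineffective. All names (`x11_fwd`, `x11_fwd_start`, `x11_fwd_permit`) are hypothetical; times are assumed to be seconds from a monotonic clock, and a timeout of 0 is assumed to mean no deadline.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical names throughout; this is not OpenSSH source. */
struct x11_fwd {
    int trusted;            /* 1 = ForwardX11Trusted=yes, 0 = no */
    unsigned int refuse_at; /* 0 = no deadline, else refuse at or after this time */
};

/* Record the deadline once, when forwarding is set up. */
void x11_fwd_start(struct x11_fwd *f, int trusted,
                   unsigned int now, unsigned int timeout)
{
    f->trusted = trusted;
    f->refuse_at = 0;
    if (trusted || timeout == 0)
        return;                      /* assumption: no expiring credential in use */
    if (timeout >= UINT_MAX - now)
        f->refuse_at = UINT_MAX;     /* saturate instead of wrapping around */
    else
        f->refuse_at = now + timeout;
}

/* Called for every X11 channel the server asks the client to open.
 * Returns 1 to connect to the local display, 0 to refuse. */
int x11_fwd_permit(const struct x11_fwd *f, unsigned int now)
{
    /* Fail closed: the X server may accept a client presenting expired
     * credentials, so the decision has to be enforced here, before any
     * connection to the display is made. */
    if (f->refuse_at != 0 && now >= f->refuse_at)
        return 0;
    return 1;
}

int main(void)
{
    struct x11_fwd f;

    /* Constructed values: untrusted forwarding started at t=1000, timeout 1200. */
    x11_fwd_start(&f, 0, 1000, 1200);
    printf("t=2199 permit=%d\n", x11_fwd_permit(&f, 2199));
    printf("t=2200 permit=%d\n", x11_fwd_permit(&f, 2200));
    return 0;
}
```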

