[SECURITY] [DLA-1474-1] openssh security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : openssh
Version : 1:6.7p1-5+deb8u5
CVE ID : CVE-2018-15473
Debian Bug : #906236
It was discovered that there was a user enumeration vulnerability in
OpenSSH. A remote attacker couldtest whether a certain user exists
on a target server.
For Debian 8 "Jessie", this issue has been fixed in openssh version
1:6.7p1-5+deb8u5.
We recommend that you upgrade your openssh packages.
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlt8SEwACgkQHpU+J9Qx
HlhMGxAAlPo7NA5IAD6fXl94Fmm9D7eMNkCBWbwHueSgxKRkVKXxPUBCuZ1QrPMz
H+lRWI/mCD2cxqtGcPDvPC49Aa/HP1ZLCQSV66tdwExGjOJMuPF7Wu4hhPJuULbJ
YLY1kLTyLs7k2VCO6jYXOW57slcUAX+dfgrnd21rMZiFwpNmij0ulcajuCJRcSv9
t0a5C4nhMptRy7X3moBcZO33uGUPT4b/sW3m0Z/YzRTVngB5wzg2vsVa/+YqZNqH
qFr6M+yEqT1QIt7MKWjUfO0Mj6zBfTr2i9DO8iwYJgMQRDbk21dNskabjhDNSLsC
0aQmJ1dRwbaK80ocReLcvmMIVAJle7PFWK6fsnMCeRsIwvXLp6Y4WclBZk/jySj8
19ObdIowwjiTD5Z/FhxlVD9MVNMQJnBb7y+5Zy1r8UYThXaEIy3TWGiKc0jU/+x8
/z6l+3izonJOdnCmMZ9ogNx69smJWoaf9NpdC1Ep4uim/Cq6BKNSSi52XPmiKSX8
Joiafh3SOaZ5SdeI7Kygc0WpBSrUI3mYiSm0KTqPYou/WsuXGbA1Do1rssMQGcrX
4nK+si+npc5QViytH41qZ+xUYhfshqnvV0T4MGlNmxL33nFonPQLggRkv58kR+W4
NF5tPDdFjpBHe2exIItFZtQhV4ESomsdjz1nAa1yE+qBB4Z1Rho=
=ZrdX
-----END PGP SIGNATURE-----
Reply to: