[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: openssh_7.2p2+ availability for wheezy

On 27.07.17 15:42, Adam Weremczuk wrote:
These are the vulnerability I'm referring to and they have been addressed in OpenSSH versions 6.6 and 7.2p2:

Threat 1:

The sshd server fails to validate user-supplied X11 authentication credentials when establishing an X11 forwarding session. An authenticated user may inject
arbitrary xauth commands by sending an x11 channel request that includes a
newline character in the x11 cookie.
Please note that Systems with X11Forwarding enabled are affected.
Affected Versions:
OpenSSH versions prior to 7.2p2

you are apparently talking about CVE-2016-3115


see noted at bottom:

[jessie] - openssh <no-dsa> (Minor issue)
[wheezy] - openssh <no-dsa> (Minor issue)

this was apparently resolved as minor, so no DSA was issued.

Threat 2:

The security issue is caused by an error within the "child_set_env()" function
(usr.bin/ssh/session.c) and can be exploited to bypass intended environment
restrictions by using a substring before a wildcard character.
Affected Versions:
OpenSSH Versions prior to 6.6 are affected

apparently CVE-2014-2532

openssh (PTS)	wheezy	1:6.0p1-4+deb7u4	fixed
	wheezy (security)	1:6.0p1-4+deb7u6	fixed
	jessie (security), jessie	1:6.7p1-5+deb8u3	fixed
	stretch	1:7.4p1-10+deb9u1	fixed
	buster, sid	1:7.5p1-5	fixed

fixed long ago

Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I wonder how much deeper the ocean would be without sponges.
Reply to: