Security update for openssh
| Announcement ID: | SUSE-SU-2015:1840-1 |
| Rating: | moderate |
| References: | #673532 #903649 #905118 #914309 #932483 #936695 #938746 |
| Affected Products: |
An update that solves three vulnerabilities and has four fixes is now available.
Description:
openssh was updated to fix four security issues.
These security issues were fixed:
- CVE-2015-5352: The x11_open_helper function in channels.c in ssh in
OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the
refusal deadline for X connections, which made it easier for remote
attackers to bypass intended access restrictions via a connection
outside of the permitted time window (bsc#936695).
- CVE-2015-5600: The kbdint_next_device function in auth2-chall.c in sshd
in OpenSSH did not properly restrict the processing of
keyboard-interactive devices within a single connection, which made it
easier for remote attackers to conduct brute-force attacks or cause a
denial of service (CPU consumption) via a long and duplicative list in
the ssh -oKbdInteractiveDevices option, as demonstrated by a modified
client that provides a different password for each pam element on this
list (bsc#938746).
- CVE-2015-4000: Removed and disabled weak DH groups (bsc#932483).
- Hardening patch to fix sftp RCE (bsc#903649).
These non-security issues were fixed:
- bsc#914309: sshd inherits oom_adj -17 on SIGHUP causing DoS potential
for oom_killer.
- bsc#673532: limits.conf fsize change in SLES10SP3 causing problems to
WebSphere mqm user.
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11-SP2-LTSS:
zypper in -t patch slessp2-openssh-12168=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):
- openssh-5.1p1-41.69.1
- openssh-askpass-5.1p1-41.69.1
- openssh-askpass-gnome-5.1p1-41.69.4
References:
- https://www.suse.com/security/cve/CVE-2015-4000.html
- https://www.suse.com/security/cve/CVE-2015-5352.html
- https://www.suse.com/security/cve/CVE-2015-5600.html
- https://bugzilla.suse.com/673532
- https://bugzilla.suse.com/903649
- https://bugzilla.suse.com/905118
- https://bugzilla.suse.com/914309
- https://bugzilla.suse.com/932483
- https://bugzilla.suse.com/936695
- https://bugzilla.suse.com/938746