SUSE-SU-2016:0118-1 -- Suse opensshID: oval:org.secpod.oval:def:400633 | Date: (C)2016-11-22 (M)2024-01-29 |
Class: PATCH | Family: unix |
This update for openssh fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client"s private key through the roaming feature - CVE-2016-0778: A malicious or compromised server could could trigger a buffer overflow in the OpenSSH client through the roaming feature This update disables the undocumented feature supported by the OpenSSH client and a commercial SSH server.
Platform: |
SUSE Linux Enterprise Server 12 SP1 |
SUSE Linux Enterprise Desktop 12 SP1 |
SUSE Linux Enterprise Desktop 12 |
SUSE Linux Enterprise Server 12 |