SUSE-SU-2016:1528-1 -- SLES openssh
ID: oval:org.secpod.oval:def:89045158 | Date: (C)2021-08-03 (M)2023-12-07 |
Class: PATCH | Family: unix |
openssh was updated to fix three security issues.

These security issues were fixed:
- CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the do_authenticated1 and session_x11_req functions.
- CVE-2016-1908: Possible fallback from untrusted to trusted X11 forwarding.
- CVE-2015-8325: Ignore PAM environment vars when UseLogin=yes.

These non-security issues were fixed:
- Correctly parse GSSAPI KEX algorithms
- More verbose FIPS mode/CC related documentation in README.FIPS
- Fix PRNG re-seeding
- Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option
- Allow empty Match blocks
Platform: |
SUSE Linux Enterprise Server 11 SP4 |