SUSE-SU-2012:1042-1: Security update for openssh

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon Aug 27 08:08:21 MDT 2012


   SUSE Security Update: Security update for openssh
______________________________________________________________________________

Announcement ID:    SUSE-SU-2012:1042-1
Rating:             low
References:         #709782 #744643 #756370 
Affected Products:
                    SUSE Linux Enterprise Server 10 SP4
                    SUSE Linux Enterprise Desktop 10 SP4
______________________________________________________________________________

   An update that contains security fixes can now be installed.

Description:


   This collective security update of openssh fixed multiple
   security issues:

   * memory exhaustion in gssapi due to integer overflow
   (bnc#756370, CVE-2011-5000)
   * forced command option information leak (bnc#744643,
   CVE-2012-0814)



Package List:

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc ppc64 s390x x86_64):

      openssh-5.1p1-41.12.8

   - SUSE Linux Enterprise Server 10 SP4 (i586 ia64 ppc s390x x86_64):

      openssh-askpass-5.1p1-41.12.8

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      openssh-5.1p1-41.12.8
      openssh-askpass-5.1p1-41.12.8


References:

   https://bugzilla.novell.com/709782
   https://bugzilla.novell.com/744643
   https://bugzilla.novell.com/756370
   http://download.novell.com/patch/finder/?keywords=1433a415c626f2bfb25c692b714ebf1c



More information about the sle-security-updates mailing list