SUSE-SU-2015:1840-1: moderate: Security update for openssh

sle-security-updates at sle-security-updates at
Wed Oct 28 10:09:51 MDT 2015

   SUSE Security Update: Security update for openssh

Announcement ID:    SUSE-SU-2015:1840-1
Rating:             moderate
References:         #673532 #903649 #905118 #914309 #932483 #936695 
Cross-References:   CVE-2015-4000 CVE-2015-5352 CVE-2015-5600
Affected Products:
                    SUSE Linux Enterprise Server 11-SP2-LTSS

   An update that solves three vulnerabilities and has four
   fixes is now available.


   openssh was updated to fix four security issues.

   These security issues were fixed:
   - CVE-2015-5352: The x11_open_helper function in channels.c in ssh in
     OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the
     refusal deadline for X connections, which made it easier for remote
     attackers to bypass intended access restrictions via a connection
     outside of the permitted time window (bsc#936695).
   - CVE-2015-5600: The kbdint_next_device function in auth2-chall.c in sshd
     in OpenSSH did not properly restrict the processing of
     keyboard-interactive devices within a single connection, which made it
     easier for remote attackers to conduct brute-force attacks or cause a
     denial of service (CPU consumption) via a long and duplicative list in
     the ssh -oKbdInteractiveDevices option, as demonstrated by a modified
     client that provides a different password for each pam element on this
     list (bsc#938746).
   - CVE-2015-4000: Removed and disabled weak DH groups (bsc#932483).
   - Hardening patch to fix sftp RCE (bsc#903649).

   These non-security issues were fixed:
   - bsc#914309: sshd inherits oom_adj -17 on SIGHUP causing DoS potential
     for oom_killer.
   - bsc#673532: limits.conf fsize change in SLES10SP3 causing problems to
     WebSphere mqm user.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 11-SP2-LTSS:

      zypper in -t patch slessp2-openssh-12168=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 11-SP2-LTSS (i586 s390x x86_64):



More information about the sle-security-updates mailing list