SUSE-RU-2019:0819-1: moderate: Recommended update for openssh

sle-updates at lists.suse.com sle-updates at lists.suse.com
Fri Mar 29 17:12:11 MDT 2019 

   SUSE Recommended Update: Recommended update for openssh
______________________________________________________________________________

Announcement ID:    SUSE-RU-2019:0819-1
Rating:             moderate
References:         #1119183 #1127180 
Affected Products:
                    SUSE Linux Enterprise Module for Server Applications 15
                    SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
                    SUSE Linux Enterprise Module for Desktop Applications 15
                    SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

   An update that has two recommended fixes can now be
   installed.

Description:

   This update for openssh fixes the following issues:

   Issues addressed:

   - Removed the "KexDHMin" config keyword (bsc#1127180) It used to allow
     lowering of the minimal allowed DH group size, which was increased to
     2048 by upstream in the light of the Logjam attack. However, the code
     was broken since the upgrade to 7.6p1. It's still possible to use the
     fixed 1024-bit diffie-hellman-group1-sha1 key exchange method when
     working with legacy systems.
   - Fixed two race conditions in sshd relating to SIGHUP (bsc#1119183)


Patch Instructions:

   To install this SUSE Recommended Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Server Applications 15:

      zypper in -t patch SUSE-SLE-Module-Server-Applications-15-2019-819=1

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2019-819=1

   - SUSE Linux Enterprise Module for Desktop Applications 15:

      zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-2019-819=1

   - SUSE Linux Enterprise Module for Basesystem 15:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-2019-819=1



Package List:

   - SUSE Linux Enterprise Module for Server Applications 15 (aarch64 ppc64le s390x x86_64):

      openssh-debuginfo-7.6p1-9.26.4
      openssh-debugsource-7.6p1-9.26.4
      openssh-fips-7.6p1-9.26.4

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (aarch64 ppc64le s390x x86_64):

      openssh-cavs-7.6p1-9.26.4
      openssh-cavs-debuginfo-7.6p1-9.26.4
      openssh-debuginfo-7.6p1-9.26.4
      openssh-debugsource-7.6p1-9.26.4

   - SUSE Linux Enterprise Module for Desktop Applications 15 (aarch64 ppc64le s390x x86_64):

      openssh-askpass-gnome-7.6p1-9.26.4
      openssh-askpass-gnome-debuginfo-7.6p1-9.26.4

   - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x x86_64):

      openssh-7.6p1-9.26.4
      openssh-debuginfo-7.6p1-9.26.4
      openssh-debugsource-7.6p1-9.26.4
      openssh-helpers-7.6p1-9.26.4
      openssh-helpers-debuginfo-7.6p1-9.26.4


References:

   https://bugzilla.suse.com/1119183
   https://bugzilla.suse.com/1127180

More information about the sle-updates mailing list