[ubuntu/trusty-security] openssh 1:6.6p1-2ubuntu2.10 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jan 22 16:39:43 UTC 2018
openssh (1:6.6p1-2ubuntu2.10) trusty-security; urgency=medium
* SECURITY UPDATE: untrusted search path when loading PKCS#11 modules
- debian/patches/CVE-2016-10009.patch: add a whitelist of paths from
which ssh-agent will load a PKCS#11 module in ssh-agent.1,
ssh-agent.c.
- debian/patches/CVE-2016-10009-2.patch: fix deletion of PKCS#11 keys
in ssh-agent.c.
- debian/patches/CVE-2016-10009-3.patch: relax whitelist in
ssh-agent.c.
- debian/patches/CVE-2016-10009-4.patch: add missing label in
ssh-agent.c.
- CVE-2016-10009
* SECURITY UPDATE: local information disclosure via effects of realloc on
buffer contents
- debian/patches/CVE-2016-10011.patch: pre-allocate the buffer used for
loading keys in authfile.c.
- CVE-2016-10011
* SECURITY UPDATE: local privilege escalation via incorrect bounds check
in shared memory manager
- debian/patches/CVE-2016-10012-1-2.patch: remove support for
pre-authentication compression in kex.c, kex.h, Makefile.in,
monitor.c, monitor.h, monitor_wrap.c, monitor_wrap.h, myproposal.h,
packet.c, servconf.c, sshd.c, sshd_config.5.
- debian/patches/CVE-2016-10012-3.patch: put back some pre-auth zlib
bits in kex.c, kex.h, packet.c.
- CVE-2016-10012
* SECURITY UPDATE: DoS via zero-length file creation in readonly mode
- debian/patches/CVE-2017-15906.patch: disallow creation of empty files
in sftp-server.c.
- CVE-2017-15906
Date: 2018-01-18 14:07:13.768832+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/openssh/1:6.6p1-2ubuntu2.10
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list