[Bug 1485719] Re: Uninitialized struct field in the fix for CVE-2015-5600 causes random auth failures

Launchpad Bug Tracker 1485719 at bugs.launchpad.net
Tue Aug 18 04:56:21 UTC 2015


This bug was fixed in the package openssh - 1:6.7p1-6ubuntu2

---------------
openssh (1:6.7p1-6ubuntu2) wily; urgency=medium

  * SECURITY REGRESSION: random auth failures because of uninitialized
    struct field (LP: #1485719)
    - debian/patches/CVE-2015-5600-2.patch: properly initialize field in
      auth2-chall.c.

 -- Marc Deslauriers <marc.deslauriers at ubuntu.com>  Mon, 17 Aug 2015
22:13:25 -0400

** Changed in: openssh (Ubuntu Wily)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1485719

Title:
  Uninitialized struct field in the fix for CVE-2015-5600 causes random
  auth failures

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1485719/+subscriptions



More information about the Ubuntu-server-bugs mailing list