Security update for openssh
SUSE Security Update: Security update for openssh
This collective security update of openssh fixes multiple
security issues:
* memory exhaustion in gssapi due to integer overflow
(bnc#756370, CVE-2011-5000)
* forced command option information leak (bnc#744643,
CVE-2012-0814)
Additionally, the following bug has been fixed:
* bnc#752354 server-side delay upon user exiting a ssh
session, due to DNS queries from libaudit
https://bugzilla.novell.com/709782
https://bugzilla.novell.com/744643
https://bugzilla.novell.com/752354
https://bugzilla.novell.com/756370
http://download.suse.com/patch/finder/?keywords=821184d97a25861059a30ef236c52014
| Announcement ID: | SUSE-SU-2012:1045-1 |
| Rating: | low |
| References: | #709782 #744643 #752354 #756370 |
| Affected Products: |
An update that contains security fixes can now be installed.
Description:
This collective security update of openssh fixes multiple
security issues:
* memory exhaustion in gssapi due to integer overflow
(bnc#756370, CVE-2011-5000)
* forced command option information leak (bnc#744643,
CVE-2012-0814)
Additionally, the following bug has been fixed:
* bnc#752354 server-side delay upon user exiting a ssh
session, due to DNS queries from libaudit
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server 11 SP2:
zypper in -t patch slessp1-openssh-6672 - SUSE Linux Enterprise Server 11 SP1 for VMware:
zypper in -t patch slessp1-openssh-6672 - SUSE Linux Enterprise Server 11 SP1:
zypper in -t patch slessp1-openssh-6672 - SUSE Linux Enterprise Desktop 11 SP2:
zypper in -t patch sledsp1-openssh-6672 - SUSE Linux Enterprise Desktop 11 SP1:
zypper in -t patch sledsp1-openssh-6672
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Linux Enterprise Server 11 SP2 (i586 ia64 ppc64 s390x x86_64):
- openssh-5.1p1-41.55.1
- openssh-askpass-5.1p1-41.55.1
- SUSE Linux Enterprise Server 11 SP1 for VMware (i586 x86_64):
- openssh-5.1p1-41.55.1
- openssh-askpass-5.1p1-41.55.1
- SUSE Linux Enterprise Server 11 SP1 (i586 ia64 ppc64 s390x x86_64):
- openssh-5.1p1-41.55.1
- openssh-askpass-5.1p1-41.55.1
- SUSE Linux Enterprise Desktop 11 SP2 (i586 x86_64):
- openssh-5.1p1-41.55.1
- openssh-askpass-5.1p1-41.55.1
- SUSE Linux Enterprise Desktop 11 SP1 (i586 x86_64):
- openssh-5.1p1-41.55.1
- openssh-askpass-5.1p1-41.55.1