Security update for openssh

Announcement ID:	SUSE-SU-2015:1840-1
Rating:	moderate
References:	bsc#673532 bsc#903649 bsc#905118 bsc#914309 bsc#932483 bsc#936695 bsc#938746
Cross-References:	CVE-2015-4000 CVE-2015-5352 CVE-2015-5600
CVSS scores:	CVE-2015-4000 ( NVD ): 3.7 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products:	SUSE Linux Enterprise Server 11 SP2 LTSS 11-SP2

An update that solves three vulnerabilities and has four security fixes can now be installed.

Description:

openssh was updated to fix four security issues.

These security issues were fixed: - CVE-2015-5352: The x11_open_helper function in channels.c in ssh in OpenSSH when ForwardX11Trusted mode is not used, lacked a check of the refusal deadline for X connections, which made it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window (bsc#936695). - CVE-2015-5600: The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH did not properly restrict the processing of keyboard-interactive devices within a single connection, which made it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list (bsc#938746). - CVE-2015-4000: Removed and disabled weak DH groups (bsc#932483). - Hardening patch to fix sftp RCE (bsc#903649).

These non-security issues were fixed: - bsc#914309: sshd inherits oom_adj -17 on SIGHUP causing DoS potential for oom_killer. - bsc#673532: limits.conf fsize change in SLES10SP3 causing problems to WebSphere mqm user.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Server 11 SP2 LTSS 11-SP2
  zypper in -t patch slessp2-openssh-12168=1

Package List:

• SUSE Linux Enterprise Server 11 SP2 LTSS 11-SP2 (s390x x86_64 i586)
  • openssh-5.1p1-41.69.1
  • openssh-askpass-gnome-5.1p1-41.69.4
  • openssh-askpass-5.1p1-41.69.1

References:

• https://www.suse.com/security/cve/CVE-2015-4000.html
• https://www.suse.com/security/cve/CVE-2015-5352.html
• https://www.suse.com/security/cve/CVE-2015-5600.html
• https://bugzilla.suse.com/show_bug.cgi?id=673532
• https://bugzilla.suse.com/show_bug.cgi?id=903649
• https://bugzilla.suse.com/show_bug.cgi?id=905118
• https://bugzilla.suse.com/show_bug.cgi?id=914309
• https://bugzilla.suse.com/show_bug.cgi?id=932483
• https://bugzilla.suse.com/show_bug.cgi?id=936695
• https://bugzilla.suse.com/show_bug.cgi?id=938746