Scientific Linux alert SLSA-2016:0465-1 (openssh)

From:
    	     
 
Pat Riehecky <riehecky@fnal.gov> 
To:
    	     
 
<scientific-linux-errata@listserv.fnal.gov> 
Subject:
    	     
 
Security ERRATA Moderate: openssh on SL7.x x86_64 
Date:
    	     
 
Mon, 21 Mar 2016 21:58:14 +0000
Message-ID:
    	     
 
<20160321215814.22523.23360@slpackages.fnal.gov>
Synopsis:          Moderate: openssh security update
Advisory ID:       SLSA-2016:0465-1
Issue Date:        2016-03-21
CVE Numbers:       CVE-2016-1908
                   CVE-2016-3115
--

It was discovered that the OpenSSH server did not sanitize data received
in requests to enable X11 forwarding. An authenticated client with
restricted SSH access could possibly use this flaw to bypass intended
restrictions. (CVE-2016-3115)

An access flaw was discovered in OpenSSH; the OpenSSH client did not
correctly handle failures to generate authentication cookies for untrusted
X11 forwarding. A malicious or compromised remote X application could
possibly use this flaw to establish a trusted connection to the local X
server, even if only untrusted X11 forwarding was requested.
(CVE-2016-1908)

After installing this update, the OpenSSH server daemon (sshd) will be
restarted automatically.
--

SL7
  x86_64
    openssh-6.6.1p1-25.el7_2.x86_64.rpm
    openssh-askpass-6.6.1p1-25.el7_2.x86_64.rpm
    openssh-clients-6.6.1p1-25.el7_2.x86_64.rpm
    openssh-debuginfo-6.6.1p1-25.el7_2.x86_64.rpm
    openssh-keycat-6.6.1p1-25.el7_2.x86_64.rpm
    openssh-server-6.6.1p1-25.el7_2.x86_64.rpm
    openssh-debuginfo-6.6.1p1-25.el7_2.i686.rpm
    openssh-ldap-6.6.1p1-25.el7_2.x86_64.rpm
    openssh-server-sysvinit-6.6.1p1-25.el7_2.x86_64.rpm
    pam_ssh_agent_auth-0.9.3-9.25.el7_2.i686.rpm
    pam_ssh_agent_auth-0.9.3-9.25.el7_2.x86_64.rpm

- Scientific Linux Development Team