[vox-tech] OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
Brian E. Lavender
brian at brie.com
Wed Jan 27 11:24:17 PST 2016
Many distros will backport the patch, yet maintain the same version
number. This is the case in Debian. If you look below, the version
appears to be vulnerable, yet the changelog indicates otherwise. This
is often the case when doing compliance for financial transactions and
you have to explain that the version has been patched.
The long story short is check your Changelog.
/usr/share/doc/openssh-client
changelog.Debian.gz
$ ssh -V
OpenSSH_6.7p1 Debian-5+deb8u1, OpenSSL 1.0.1k 8 Jan 2015
openssh (1:6.7p1-5+deb8u1) jessie-security; urgency=high
* Non-maintainer upload by the Security Team.
* Disable roaming in openssh client: roaming code is vulnerable to an
information leak (CVE-2016-0777) and heap-based buffer overflow
(CVE-2016-0778).
-- Yves-Alexis Perez <corsac at debian.org> Wed, 13 Jan 2016 22:08:52 +0100
brian
On Fri, Jan 15, 2016 at 12:24:09PM -0800, Bill Kendrick wrote:
>
> If you're using OpenSSH 5.4 thru 7.1 (check "ssh -V"),
> you'll want to disable the "UseRoaming" feature (which was
> unused on SSH servers, but left around in SSH clients,
> and can be exploited):
>
> http://undeadly.org/cgi?action=article&sid=20160114142733
>
> --
> -bill!
> Sent from my computer
> _______________________________________________
> vox-tech mailing list
> vox-tech at lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
--
Brian Lavender
http://www.brie.com/brian/
"There are two ways of constructing a software design. One way is to
make it so simple that there are obviously no deficiencies. And the other
way is to make it so complicated that there are no obvious deficiencies."
Professor C. A. R. Hoare
The 1980 Turing award lecture
More information about the vox-tech
mailing list