LogoopenSUSE Build Service > Projects
Sign Up | Log In

security update for openssh-askpass-g...

Security update for openssh
This update was submitted from Michal Kubeček Michal Kubeček (mkubecek) and rated as critical
Description:
   - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH
     client to expose part or all of the client's private key through the
     roaming feature (bsc#961642)
   - CVE-2016-0778: A malicious or compromised server could could trigger a
     buffer overflow in the OpenSSH client through the roaming feature
     (bsc#961645)

   This update disables the undocumented feature supported by the OpenSSH
   client and a commercial SSH server.
Fixed bugs:
Required actions:
  • Relogin suggested:
  • Reboot suggested:
  • Package-manager restart: