Errata overview
Errata ID 510
Date 2018-09-12
Source package openssh
Fixed in version 1:6.7p1-5+deb8u6
Description
This update addresses the following issues:
* Privilege separation weakness related to PAM support (CVE-2015-6563)
* Use-after-free bug related to PAM support (CVE-2015-6564)
* Possible fallback from untrusted to trusted X11 forwarding (CVE-2016-1908)
* Missing sanitisation of input for X11 forwarding (CVE-2016-3115)
* Denial of service via very long passwords (CVE-2016-6515)
* Loading of untrusted PKCS#11 modules in ssh-agent (CVE-2016-10009)
* Leak of host private key material to privilege-separated child process via
  realloc() (CVE-2016-10011)
* Bounds check can be evaded in the shared memory manager used by
  pre-authentication compression support (CVE-2016-10012)
* Out of sequence NEWKEYS message can allow remote attacker to cause denial
  of service (CVE-2016-10708)
* Improper write operations in read-only mode allow for zero-length file
  creation (CVE-2017-15906)
Additional notes
CVE ID CVE-2015-6563
CVE-2015-6564
CVE-2016-1908
CVE-2016-3115
CVE-2016-6515
CVE-2016-10009
CVE-2016-10011
CVE-2016-10012
CVE-2016-10708
CVE-2017-15906
UCS Bug number #47778