| Errata ID | 624 |
|---|---|
| Date | 2019-03-27 |
| Source package | openssh |
| Fixed in version | 1:6.7p1-5+deb8u8 |
| Description | This update addresses the following issues: * scp client improper directory name validation (CVE-2018-20685) * Missing character encoding in progress display allows for spoofing of scp client output (CVE-2019-6109) * Improper validation of object names allows malicious server to overwrite files via scp client (CVE-2019-6111) |
| Additional notes | |
| CVE ID | CVE-2018-20685 CVE-2019-6109 CVE-2019-6111 |
| UCS Bug number | #49097 |
