Oval Definition:oval:org.opensuse.security:def:55720
Revision Date:2020-12-01Version:1
Title:Security update for openssh (Moderate)
Description:

This update for OpenSSH fixes three security issues.

These security issues were fixed: - CVE-2016-3115: Sanitise input for xauth(1) (bsc#970632) - CVE-2016-1908: Prevent X11 SECURITY circumvention when forwarding X11 connections (bsc#962313) - CVE-2015-8325: Ignore PAM environment when using login (bsc#975865)

These non-security issues were fixed: - Fix help output of sftp (bsc#945493) - Restarting openssh with openssh-fips installed was not working correctly (bsc#945484) - Fix crashes when /proc is not available in the chroot (bsc#947458) - Correctly parse GSSAPI KEX algorithms (bsc#961368) - More verbose FIPS mode/CC related documentation in README.FIPS (bsc#965576, bsc#960414) - Fix PRNG re-seeding (bsc#960414, bsc#729190) - Disable DH parameters under 2048 bits by default and allow lowering the limit back to the RFC 4419 specified minimum through an option (bsc#932483, bsc#948902)
Family:unixClass:patch
Status:Reference(s):1001900
1004924
1005274
1027519
1060445
1061005
1063671
1064392
1066471
1066472
1079730
1095242
1096224
1097108
1097521
1097522
1098744
1099306
1125330
1127987
1129821
1130262
1141322
1151178
1158527
1159819
673532
729190
806919
806921
817349
817350
903649
905118
914309
916549
931452
932483
936695
937096
938746
943006
943010
945484
945493
947458
948902
958342
960414
961368
962313
965576
970632
975865
984060
CVE-2011-0904
CVE-2011-0905
CVE-2011-1164
CVE-2013-1775
CVE-2013-1776
CVE-2013-2776
CVE-2013-2777
CVE-2015-0295
CVE-2015-1858
CVE-2015-1859
CVE-2015-1860
CVE-2015-2059
CVE-2015-3202
CVE-2015-4000
CVE-2015-5352
CVE-2015-5600
CVE-2015-6563
CVE-2015-6564
CVE-2015-8325
CVE-2016-1908
CVE-2016-3115
CVE-2016-4971
CVE-2016-6911
CVE-2016-7568
CVE-2016-8670
CVE-2017-13080
CVE-2017-15649
CVE-2017-7793
CVE-2017-7805
CVE-2017-7810
CVE-2017-7814
CVE-2017-7818
CVE-2017-7819
CVE-2017-7823
CVE-2017-7824
CVE-2017-7825
CVE-2018-10853
CVE-2018-11806
CVE-2018-12617
CVE-2018-12891
CVE-2018-12893
CVE-2018-18335
CVE-2018-18356
CVE-2018-18506
CVE-2018-3646
CVE-2018-3665
CVE-2019-11745
CVE-2019-16239
CVE-2019-17006
CVE-2019-5785
CVE-2019-9788
CVE-2019-9790
CVE-2019-9791
CVE-2019-9792
CVE-2019-9793
CVE-2019-9794
CVE-2019-9795
CVE-2019-9796
CVE-2019-9801
CVE-2019-9810
CVE-2019-9813
SUSE-SU-2015:1024-1
SUSE-SU-2015:1581-1
SUSE-SU-2016:1386-1
SUSE-SU-2016:2226-1
SUSE-SU-2016:2668-1
SUSE-SU-2017:2688-1
SUSE-SU-2017:3145-1
SUSE-SU-2018:2069-1
SUSE-SU-2018:2363-1
SUSE-SU-2018:2368-1
SUSE-SU-2019:0852-1
SUSE-SU-2019:2744-1
SUSE-SU-2020:0088-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ImageMagick-7.0.7.29-lp150.1 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.29-lp150.1 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND ansible-2.8.1-12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND sudo-1.7.6p2-0.2.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • fuse-2.8.7-0.11 is installed
  • OR libfuse2-2.8.7-0.11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • openssh-6.6p1-42 is installed
  • OR openssh-askpass-gnome-6.6p1-42 is installed
  • OR openssh-helpers-6.6p1-42 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND wget-1.14-10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • openconnect-7.08-3.4 is installed
  • OR openconnect-lang-7.08-3.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libQt5Core5-5.3.2-1 is installed
  • OR libQt5DBus5-5.3.2-1 is installed
  • OR libQt5Gui5-5.3.2-1 is installed
  • OR libQt5Widgets5-5.3.2-1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_40-default-6-2 is installed
  • OR kgraft-patch-3_12_74-60_64_40-xen-6-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_15-6-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • fetchmail-6.3.26-12 is installed
  • OR fetchmailconf-6.3.26-12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND shadow-4.2.1-27.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libsystemd0-228-150.66 is installed
  • OR libsystemd0-32bit-228-150.66 is installed
  • OR libudev-devel-228-150.66 is installed
  • OR libudev1-228-150.66 is installed
  • OR libudev1-32bit-228-150.66 is installed
  • OR systemd-228-150.66 is installed
  • OR systemd-32bit-228-150.66 is installed
  • OR systemd-bash-completion-228-150.66 is installed
  • OR systemd-sysvinit-228-150.66 is installed
  • OR udev-228-150.66 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.121-92.85 is installed
  • OR kernel-default-base-4.4.121-92.85 is installed
  • OR kernel-default-devel-4.4.121-92.85 is installed
  • OR kernel-default-man-4.4.121-92.85 is installed
  • OR kernel-devel-4.4.121-92.85 is installed
  • OR kernel-macros-4.4.121-92.85 is installed
  • OR kernel-source-4.4.121-92.85 is installed
  • OR kernel-syms-4.4.121-92.85 is installed
  • OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • res-signingkeys-3.0.25-48 is installed
  • OR smt-3.0.25-48 is installed
  • OR smt-support-3.0.25-48 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • pam_radius-1.3.16-239.4 is installed
  • OR pam_radius-32bit-1.3.16-239.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libexif-0.6.22-8.9 is installed
  • OR libexif12-0.6.22-8.9 is installed
  • OR libexif12-32bit-0.6.22-8.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libXRes1-1.0.7-3 is installed
  • OR libXRes1-32bit-1.0.7-3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • MozillaFirefox-52.4.0esr-109.6 is installed
  • OR MozillaFirefox-devel-52.4.0esr-109.6 is installed
  • OR MozillaFirefox-translations-52.4.0esr-109.6 is installed
  • OR libfreebl3-3.29.5-58.3 is installed
  • OR libfreebl3-32bit-3.29.5-58.3 is installed
  • OR libfreebl3-hmac-3.29.5-58.3 is installed
  • OR libfreebl3-hmac-32bit-3.29.5-58.3 is installed
  • OR libsoftokn3-3.29.5-58.3 is installed
  • OR libsoftokn3-32bit-3.29.5-58.3 is installed
  • OR libsoftokn3-hmac-3.29.5-58.3 is installed
  • OR libsoftokn3-hmac-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-3.29.5-58.3 is installed
  • OR mozilla-nss-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-certs-3.29.5-58.3 is installed
  • OR mozilla-nss-certs-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-devel-3.29.5-58.3 is installed
  • OR mozilla-nss-sysinit-3.29.5-58.3 is installed
  • OR mozilla-nss-sysinit-32bit-3.29.5-58.3 is installed
  • OR mozilla-nss-tools-3.29.5-58.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • galera-3-25.3.23-8 is installed
  • OR galera-3-wsrep-provider-25.3.23-8 is installed
  • OR libmariadb3-3.0.3-1.3 is installed
  • OR mariadb-10.2.15-7 is installed
  • OR mariadb-client-10.2.15-7 is installed
  • OR mariadb-connector-c-3.0.3-1.3 is installed
  • OR mariadb-errormessages-10.2.15-7 is installed
  • OR mariadb-galera-10.2.15-7 is installed
  • OR mariadb-tools-10.2.15-7 is installed
  • OR ruby2.1-rubygem-mysql2-0.4.10-7 is installed
  • OR rubygem-mysql2-0.4.10-7 is installed
  • OR xtrabackup-2.4.10-5 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • kernel-default-4.4.180-94.107 is installed
  • OR kernel-default-base-4.4.180-94.107 is installed
  • OR kernel-default-devel-4.4.180-94.107 is installed
  • OR kernel-default-kgraft-4.4.180-94.107 is installed
  • OR kernel-devel-4.4.180-94.107 is installed
  • OR kernel-macros-4.4.180-94.107 is installed
  • OR kernel-source-4.4.180-94.107 is installed
  • OR kernel-syms-4.4.180-94.107 is installed
  • OR kgraft-patch-4_4_180-94_107-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_29-1-4.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • apache2-2.4.23-29.54 is installed
  • OR apache2-doc-2.4.23-29.54 is installed
  • OR apache2-example-pages-2.4.23-29.54 is installed
  • OR apache2-prefork-2.4.23-29.54 is installed
  • OR apache2-utils-2.4.23-29.54 is installed
  • OR apache2-worker-2.4.23-29.54 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
  • BACK