drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in OpenSSH
Name: |
Mehrere Probleme in OpenSSH |
|
ID: |
USN-3885-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 18.10 |
|
Datum: |
Do, 7. Februar 2019, 23:02 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6109
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6111
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20685 |
|
Applikationen: |
OpenSSH |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============4836440110664903865== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="pqLe0HgMCzi3kPiHeSThJ70fIje4TtO7j"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --pqLe0HgMCzi3kPiHeSThJ70fIje4TtO7j Content-Type: multipart/mixed; boundary="oKxX4uH5gnlMBoz8CDtZAfZ73BDWeOZAb"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <bc1eff64-92d9-d4cb-51ae-f5f2b029a0fc@canonical.com> Subject: [USN-3885-1] OpenSSH vulnerabilities
--oKxX4uH5gnlMBoz8CDtZAfZ73BDWeOZAb Content-Type: text/plain; charset=utf-8 Content-Language: en-C Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3885-1 February 07, 2019
openssh vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in OpenSSH.
Software Description: - openssh: secure shell (SSH) for secure access to remote machines
Details:
Harry Sintonen discovered multiple issues in the OpenSSH scp utility. If a user or automated system were tricked into connecting to an untrusted server, a remote attacker could possibly use these issues to write to arbitrary files, change directory permissions, and spoof client output.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.10: openssh-client 1:7.7p1-4ubuntu0.2
Ubuntu 18.04 LTS: openssh-client 1:7.6p1-4ubuntu0.2
Ubuntu 16.04 LTS: openssh-client 1:7.2p2-4ubuntu2.7
Ubuntu 14.04 LTS: openssh-client 1:6.6p1-2ubuntu2.12
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3885-1 CVE-2018-20685, CVE-2019-6109, CVE-2019-6111
Package Information: https://launchpad.net/ubuntu/+source/openssh/1:7.7p1-4ubuntu0.2 https://launchpad.net/ubuntu/+source/openssh/1:7.6p1-4ubuntu0.2 https://launchpad.net/ubuntu/+source/openssh/1:7.2p2-4ubuntu2.7 https://launchpad.net/ubuntu/+source/openssh/1:6.6p1-2ubuntu2.12
--oKxX4uH5gnlMBoz8CDtZAfZ73BDWeOZAb--
--pqLe0HgMCzi3kPiHeSThJ70fIje4TtO7j Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlxcfooACgkQZWnYVadE vpOYSg//WWo5gERWyKT2F4bZgsnrdY11JLEBSJl0XfI3NotCDVjR07fcJfbXUc41 pbJNKgKp2h0av5SXl+q0wN1EkNiqM0W7/Q/xyiJkY++03OGP4SIXFxVh9MdB6HTt o/bQ+vmdbOglXbubF3mv53F7PVZAAB9K+ThlXfCZTPUbuEehpU/V/0wRHWkceuUk raV6Tjv/29OdX/LZoe3uQsfMD/6dDsjkF5Uq85EtpPtm1dFE0Go709lGs6Y3Btp9 558EdKfFUuZu2s4XlSQoqxHKaq7vTgiP8mEE9M1rQyLiqaBpK26WKrPnchohIALX MslULSHZgI9lHAKoBTilO7KFQ/KsKCe2JLlcagpt2rgMFti4W5Q0jRUWUSrzyYOW s+x+jKsi1U76P4ZDlK7AkA3eEuRcoXh2Vx/EsqpzQ57VXmXlzv11+Sp3a4eDrWT/ xkF3DT6vtT5KBnQkxJRHHw5fTQG5fSvhjuDzHoQI2ZjsN7+Ox3HNQPWcKpl+KHLX t7Ht9xkw3G+U7ngqbE07qWs3P2TJTyQaCV1DjDtdY3AMnrs9xRy6ZwHbkCeRC0Fm M78oen6cf8qYdVI9K2KF6tzF6MJ3Z7wCh67VwG8kUbilDb3mE8k0FBEnw6XISBMA jIoBXthMjhLi+LqABjF95vwSGCChoKjdtRlWmNyEX4BYlmILjpQ= =arg7 -----END PGP SIGNATURE-----
--pqLe0HgMCzi3kPiHeSThJ70fIje4TtO7j--
--===============4836440110664903865== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============4836440110664903865==--
|
|
|
|