Bug 19124

Summary: openssh new security and bug fixes in 7.3
Product: Mageia Reporter: David Walser <luigiwalser>
Component: RPM PackagesAssignee: Guillaume Rousse <guillomovitch>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal    
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Source RPM: openssh CVE:
Status comment:

Description David Walser 2016-08-03 23:46:06 CEST 
OpenSSH 7.3 has been announced on August 1:
http://www.openwall.com/lists/oss-security/2016/08/01/2

Only two security fixes have CVEs, and we already fixed CVE-2016-6210 in Cauldron (Mageia 5 wouldn't be affected on most Mageia systems).  The other, CVE-2015-8325, also doesn't affect the default configuration, as UseLogin is disabled by default.  There are three additional security fixes, which sound minor and theoretical in nature.  There are several other bug fixes as well.

I'm just filing this so the maintainer can evaluate if any additional changes should be made to our package.
Comment 1 David Walser 2016-08-08 23:38:23 CEST 
openssh-7.3p1-1.mga6 uploaded for Cauldron.  Thanks Guillaume.

Status: NEW => RESOLVED
Resolution: (none) => FIXED