Upstream has issued an advisory today (March 10): http://www.openssh.com/txt/x11fwd.adv The issue is fixed in version 7.2p2: http://openwall.com/lists/oss-security/2016/03/10/9 Mageia 5 is also affected.
Whiteboard: (none) => MGA5TOO
CVE-2016-3115 has been assigned for this: http://openwall.com/lists/oss-security/2016/03/10/16
Summary: openssh new xauth command injection security issue => openssh new xauth command injection security issue (CVE-2016-3115)
openssh-7.2p2-1.mga6 uploaded for Cauldron by Guillaume. Thanks.
Version: Cauldron => 5Whiteboard: MGA5TOO => (none)
Patched package uploaded for Mageia 5 by Guillaume. Thanks Guillaume!! Advisory: ======================== Updated openssh packages fix security vulnerability: Missing sanitisation of untrusted input allows an authenticated user who is able to request X11 forwarding to inject commands to xauth(1) (CVE-2016-3115). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3115 http://www.openssh.com/txt/x11fwd.adv http://openwall.com/lists/oss-security/2016/03/10/16 ======================== Updated packages in core/updates_testing: ======================== openssh-6.6p1-5.7.mga5 openssh-clients-6.6p1-5.7.mga5 openssh-server-6.6p1-5.7.mga5 openssh-askpass-common-6.6p1-5.7.mga5 openssh-askpass-6.6p1-5.7.mga5 openssh-askpass-gnome-6.6p1-5.7.mga5 openssh-ldap-6.6p1-5.7.mga5 from openssh-6.6p1-5.7.mga5.src.rpm
CC: (none) => guillomovitchAssignee: guillomovitch => qa-bugs
Keywords: (none) => validated_updateWhiteboard: (none) => MGA5-64-OK advisoryCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0108.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/679761/