19124 – openssh new security and bug fixes in 7.3

Bug 19124 - openssh new security and bug fixes in 7.3

Summary: openssh new security and bug fixes in 7.3

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	RPM Packages (show other bugs)
Version:	Cauldron
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	Guillaume Rousse
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2016-08-03 23:46 CEST by David Walser
Modified:	2016-08-08 23:38 CEST (History)
CC List:	0 users

See Also:
Source RPM:	openssh
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2016-08-03 23:46:06 CEST

OpenSSH 7.3 has been announced on August 1:
http://www.openwall.com/lists/oss-security/2016/08/01/2

Only two security fixes have CVEs, and we already fixed CVE-2016-6210 in Cauldron (Mageia 5 wouldn't be affected on most Mageia systems).  The other, CVE-2015-8325, also doesn't affect the default configuration, as UseLogin is disabled by default.  There are three additional security fixes, which sound minor and theoretical in nature.  There are several other bug fixes as well.

I'm just filing this so the maintainer can evaluate if any additional changes should be made to our package.

Comment 1 David Walser 2016-08-08 23:38:23 CEST

openssh-7.3p1-1.mga6 uploaded for Cauldron.  Thanks Guillaume.

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.