Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:Update
patchinfo.3005
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.3005
<patchinfo incident="3005"> <issue id="989363" tracker="bnc">VUL-0: CVE-2016-6210: openssh: User enumeration via covert timing channel</issue> <issue id="948902" tracker="bnc">sftp failures after installation of openssh 6.2p2-0.21.1</issue> <issue id="992533" tracker="bnc">VUL-0: CVE-2016-6515: openssh: auth_password function in auth-passwd.c in OpenSSH before 7.3 does not limit password length</issue> <issue id="981654" tracker="bnc">openssh error mesage about undefined display in SLE 12</issue> <issue id="2016-6210" tracker="cve" /> <issue id="2016-6515" tracker="cve" /> <category>security</category> <rating>moderate</rating> <packager>pcerny</packager> <description> This update for openssh fixes the following issues: - Prevent user enumeration through the timing of password processing (bsc#989363, CVE-2016-6210) [-prevent_timing_user_enumeration] - Allow lowering the DH groups parameter limit in server as well as when GSSAPI key exchange is used (bsc#948902) - limit accepted password length (prevents possible DoS) (bsc#992533, CVE-2016-6515) Bug fixes: - avoid complaining about unset DISPLAY variable (bsc#981654) </description> <summary>Security update for openssh</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor