[SECURITY] [DLA-1474-1] openssh security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA-1474-1] openssh security update
From: Chris Lamb <lamby@debian.org>
Date: Tue, 21 Aug 2018 18:17:47 +0100
Message-id: <[🔎] 1534871867.2918847.1481535208.016C65AA@webmail.messagingengine.com>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : openssh
Version        : 1:6.7p1-5+deb8u5
CVE ID         : CVE-2018-15473 
Debian Bug     : #906236

It was discovered that there was a user enumeration vulnerability in
OpenSSH. A remote attacker couldtest whether a certain user exists
on a target server.

For Debian 8 "Jessie", this issue has been fixed in openssh version
1:6.7p1-5+deb8u5.

We recommend that you upgrade your openssh packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlt8SEwACgkQHpU+J9Qx
HlhMGxAAlPo7NA5IAD6fXl94Fmm9D7eMNkCBWbwHueSgxKRkVKXxPUBCuZ1QrPMz
H+lRWI/mCD2cxqtGcPDvPC49Aa/HP1ZLCQSV66tdwExGjOJMuPF7Wu4hhPJuULbJ
YLY1kLTyLs7k2VCO6jYXOW57slcUAX+dfgrnd21rMZiFwpNmij0ulcajuCJRcSv9
t0a5C4nhMptRy7X3moBcZO33uGUPT4b/sW3m0Z/YzRTVngB5wzg2vsVa/+YqZNqH
qFr6M+yEqT1QIt7MKWjUfO0Mj6zBfTr2i9DO8iwYJgMQRDbk21dNskabjhDNSLsC
0aQmJ1dRwbaK80ocReLcvmMIVAJle7PFWK6fsnMCeRsIwvXLp6Y4WclBZk/jySj8
19ObdIowwjiTD5Z/FhxlVD9MVNMQJnBb7y+5Zy1r8UYThXaEIy3TWGiKc0jU/+x8
/z6l+3izonJOdnCmMZ9ogNx69smJWoaf9NpdC1Ep4uim/Cq6BKNSSi52XPmiKSX8
Joiafh3SOaZ5SdeI7Kygc0WpBSrUI3mYiSm0KTqPYou/WsuXGbA1Do1rssMQGcrX
4nK+si+npc5QViytH41qZ+xUYhfshqnvV0T4MGlNmxL33nFonPQLggRkv58kR+W4
NF5tPDdFjpBHe2exIItFZtQhV4ESomsdjz1nAa1yE+qBB4Z1Rho=
=ZrdX
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1473-1] otrs2 security update
Next by Date: [SECURITY] [DLA 1475-1] tomcat-native security update
Previous by thread: [SECURITY] [DLA 1473-1] otrs2 security update
Next by thread: [SECURITY] [DLA 1475-1] tomcat-native security update
Index(es):
- Date
- Thread