Bugzilla – Bug 962313
VUL-1: CVE-2016-1908: openssh: possible fallback from untrusted to trusted X11 forwarding
Last modified: 2019-01-31 13:35:13 UTC
rh#1298741 It was discovered that the OpenSSH client did not correctly handle situations where untrusted X11 forwarding was requested and generation of the untrusted authentication cookie failed. The ssh client continued by generating a fake authentication cookie and allowed remote X clients to connect to the local X server. The decision whether a client connection was accepted was delegated to the X server which, depending on its configuration, could allow clients to open a trusted X connection. This would lead to remote X clients having more privileged access to the local X server than intended. This problem can occur when the X server does not include or enable the X Security extension (for the X.org X server, this extension is not compiled in by default since 2007) and when it has authentication methods besides MIT cookies enabled (e.g. localuser authentication allowing all X connections from a local user who owns the X session).
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1298741
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1908
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-1908.html
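The two X server conditions named in the report (no SECURITY extension, plus a non-cookie access rule such as localuser) can be checked from the output of `xdpyinfo` and `xhost`. The script below is an added example, not code from the bug report or from OpenSSH; the sample outputs are constructed and abbreviated, and the function names are my own.

```shell
#!/bin/sh
# Added example (not from the bug report): decide whether a local X server is in
# the configuration the report describes, using the text that `xdpyinfo` and
# `xhost` print. Inputs are passed as strings so the check also runs on saved output.

# 0 when the X Security extension is present: `xauth generate ... untrusted`
# then works and the fake-cookie fallback never triggers.
has_security_ext() {
    printf '%s\n' "$1" | grep -q '^[[:space:]]*SECURITY$'
}

# 0 when xhost lists an access rule other than MIT cookies: local user/group
# entries, or access control switched off entirely.
has_non_cookie_auth() {
    printf '%s\n' "$1" | grep -Eq '^(SI:local(user|group):|access control disabled)'
}

# Prints one word: "exposed" if a fake cookie from an unfixed ssh client would
# be admitted as a trusted connection, "ok" otherwise. Always returns 0.
assess() {
    if has_security_ext "$1"; then
        echo ok            # untrusted forwarding works as intended
    elif has_non_cookie_auth "$2"; then
        echo exposed       # cookie ignored; localuser/open access lets it in
    else
        echo ok            # fake cookie is rejected; forwarding simply fails
    fi
}

# Constructed sample output (abbreviated) in the formats the two tools use.
SAMPLE_XDPYINFO_NOSEC='number of extensions:    3
    BIG-REQUESTS
    Composite
    XKEYBOARD'
SAMPLE_XDPYINFO_SEC='number of extensions:    3
    Composite
    SECURITY
    XKEYBOARD'
SAMPLE_XHOST_LOCALUSER='access control enabled, only authorized clients can connect
SI:localuser:alice'
SAMPLE_XHOST_COOKIE_ONLY='access control enabled, only authorized clients can connect'

# Live use on a running session: assess "$(xdpyinfo)" "$(xhost)"
echo "no SECURITY ext, localuser rule: $(assess "$SAMPLE_XDPYINFO_NOSEC" "$SAMPLE_XHOST_LOCALUSER")"
echo "no SECURITY ext, cookies only:   $(assess "$SAMPLE_XDPYINFO_NOSEC" "$SAMPLE_XHOST_COOKIE_ONLY")"
```

A verdict of "ok" in the cookies-only case means the forged cookie is rejected and untrusted forwarding just fails; only the fixed packages listed later in this bug make untrusted forwarding behave correctly on such a server.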
bugbot adjusting priority
SUSE-SU-2016:1386-1: An update that solves three vulnerabilities and has 9 fixes is now available.
Category: security (moderate)
Bug References: 729190,932483,945484,945493,947458,948902,960414,961368,962313,965576,970632,975865
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115
Sources used:
SUSE Linux Enterprise Server 12-SP1 (src): openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
SUSE Linux Enterprise Server 12 (src): openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
SUSE Linux Enterprise Desktop 12-SP1 (src): openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
SUSE Linux Enterprise Desktop 12 (src): openssh-6.6p1-42.1, openssh-askpass-gnome-6.6p1-42.1
This is an autogenerated message for OBS integration: This bug (962313) was mentioned in https://build.opensuse.org/request/show/398334 13.2 / openssh
openSUSE-SU-2016:1455-1: An update that solves three vulnerabilities and has 9 fixes is now available.
Category: security (moderate)
Bug References: 729190,932483,945484,945493,947458,948902,960414,961368,962313,965576,970632,975865
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115
Sources used:
openSUSE Leap 42.1 (src): openssh-6.6p1-11.1, openssh-askpass-gnome-6.6p1-11.1
possible regression reported with the SLE update released on Leap 42.1 - bug 982516
SUSE-SU-2016:1528-1: An update that solves three vulnerabilities and has 7 fixes is now available.
Category: security (moderate)
Bug References: 729190,932483,948902,960414,961368,961494,962313,965576,970632,975865
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115
Sources used:
SUSE Linux Enterprise Server 11-SP4 (src): openssh-6.6p1-21.1, openssh-askpass-gnome-6.6p1-21.3
SUSE Linux Enterprise Debuginfo 11-SP4 (src): openssh-6.6p1-21.1, openssh-askpass-gnome-6.6p1-21.3
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2016-08-01. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62899
When will the fix for SLES11 SP3 be published? Some customers are waiting for this fix for SLES11 SP3.
It was published today.
SUSE-SU-2016:2388-1: An update that solves 5 vulnerabilities and has 5 fixes is now available.
Category: security (moderate)
Bug References: 932483,948902,959096,962313,962794,970632,975865,981654,989363,992533
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115,CVE-2016-6210,CVE-2016-6515
Sources used:
SUSE OpenStack Cloud 5 (src): openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Manager Proxy 2.1 (src): openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Manager 2.1 (src): openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Linux Enterprise Server 11-SP3-LTSS (src): openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Linux Enterprise Point of Sale 11-SP3 (src): openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE Linux Enterprise Debuginfo 11-SP3 (src): openssh-6.2p2-0.33.2, openssh-askpass-gnome-6.2p2-0.33.5
SUSE-SU-2016:2555-1: An update that solves 5 vulnerabilities and has 8 fixes is now available.
Category: security (moderate)
Bug References: 729190,932483,948902,960414,961368,961494,962313,965576,970632,975865,981654,989363,992533
CVE References: CVE-2015-8325,CVE-2016-1908,CVE-2016-3115,CVE-2016-6210,CVE-2016-6515
Sources used:
SUSE Linux Enterprise Server 11-SECURITY (src): openssh-openssl1-6.6p1-15.1
all released