Format: 1.8 Date: Thu, 01 Nov 2018 16:16:02 -0300 Source: openssh Binary: openssh-client openssh-client-ssh1 openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: i386 i386_translations Version: 1:7.2p2-4ubuntu2.6 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas S. Barbosa Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-ssh1 - secure shell (SSH) client for legacy SSH1 protocol openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Launchpad-Bugs-Fixed: 1794629 Changes: openssh (1:7.2p2-4ubuntu2.6) xenial-security; urgency=medium . [ Ryan Finnie ] * SECURITY UPDATE: OpenSSH User Enumeration Vulnerability (LP: #1794629) - debian/patches/CVE-2018-15473.patch: delay bailout for invalid authenticating user until after the packet containing the request has been fully parsed. - CVE-2018-15473 * SECURITY UPDATE: Privsep process chrashing via an out-of-sequence - debian/patches/CVE-2016-10708.patch: fix in kex.c, pack.c. - CVE-2016-10708 Checksums-Sha1: 91565e436ab0913bf619abaada92b73e2f5172fb 943330 openssh-client-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb a0b286bab2fca709d63db69322652770e1916a6e 560966 openssh-client-ssh1-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb eca5afb1faeb1165939d810cf2c94372b309bf1c 373214 openssh-client-ssh1_7.2p2-4ubuntu2.6_i386.deb 9ba7dd5905a2b607a88b6a9a1563345986cc66ab 441632 openssh-client-udeb-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 08a3be8104157a4dbbb422139e64357a6998df35 279510 openssh-client-udeb_7.2p2-4ubuntu2.6_i386.udeb 1e69fcfa05e324e009209af2d441a3a037ca1699 646914 openssh-client_7.2p2-4ubuntu2.6_i386.deb 5879ee8823e155975193cde442f0bf21a079fdde 499010 openssh-server-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 562296cd80d26efffe4465e175de41a62d0efa36 486390 openssh-server-udeb-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb c732ae88a211038aeb31ef34e11dacc2552d2236 293172 openssh-server-udeb_7.2p2-4ubuntu2.6_i386.udeb 8df103e0ac6bb55d2b514b9b89f9eafaa80bab96 377012 openssh-server_7.2p2-4ubuntu2.6_i386.deb 2f7e1291d0ed6efb4b609ffdb1f36962ff3f8b4c 68698 openssh-sftp-server-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb da9826c2725464e39d8e974a07b3d02cf8eb6552 43984 openssh-sftp-server_7.2p2-4ubuntu2.6_i386.deb b55be86c7fb22dbdb9840f3925b21dfd6e49b789 8488 openssh_7.2p2-4ubuntu2.6_i386_translations.tar.gz 6ece3b17be5263674722d782893e1a8227f3bceb 10898 ssh-askpass-gnome-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb a820ed4e37cdf35f33c2d4f11f644f11eb968711 14350 ssh-askpass-gnome_7.2p2-4ubuntu2.6_i386.deb Checksums-Sha256: 02071d1f3b45dd6a108b68dae5072d596f1291cc9e2ab527e81c7b811a7831a3 943330 openssh-client-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 14cd2cac0a47cbb66a49abeae864777e4e841fe60c54b7e8ad79c90228487ff9 560966 openssh-client-ssh1-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 8fab8806dd019e986a51cf8a2e452ac93bb39a96249c166ef0a5725d8ce823dc 373214 openssh-client-ssh1_7.2p2-4ubuntu2.6_i386.deb a231b742bd095645a5b2976364220b0eabd60082521be9158f722b376ada45db 441632 openssh-client-udeb-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 49674b4816402442814a85cb59f34f43c041574d953418d1b3cc920c51925a19 279510 openssh-client-udeb_7.2p2-4ubuntu2.6_i386.udeb accc50f63d39d97674c0a122c39b6188e80329550e2366ab5bb676f34b1e0cf2 646914 openssh-client_7.2p2-4ubuntu2.6_i386.deb 068c6c2481e8f47846d94a524295a7f509332120767e876e814298fd9a8ffae3 499010 openssh-server-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 03d8e2537abda6acfcf90e25a39df2bba1c0a306b673942223d1fdc59a1efb19 486390 openssh-server-udeb-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 65747a6725e93aa99452cf9561abf8fdd21550e21fc68cc80acd10a20bf262d0 293172 openssh-server-udeb_7.2p2-4ubuntu2.6_i386.udeb 5308d718b7dafc51a7d9dd76433ec89fa89d463681a386bd6551f47a51e006c8 377012 openssh-server_7.2p2-4ubuntu2.6_i386.deb bb257566783251cb8c25f1a7e97f633ec780631b937743c65b767ad0b9b39b2d 68698 openssh-sftp-server-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 78fffafac8d0a0d89c3969670822e84c58eb2f865af01f95bf43ac211f9a621b 43984 openssh-sftp-server_7.2p2-4ubuntu2.6_i386.deb 73c31b96945b99d39a3d76539f454b38291e44d74758769c7d2b98d75efe30b5 8488 openssh_7.2p2-4ubuntu2.6_i386_translations.tar.gz f9877285bae4b70995787c95ad4cd97ef15323f49e64cdbe28fb9d748d9afe41 10898 ssh-askpass-gnome-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 374e9acc27b26f0fa8754e815feacb352fbd8d657aeb1b894d252280b4eed9dc 14350 ssh-askpass-gnome_7.2p2-4ubuntu2.6_i386.deb Files: f1805c0b21ff94e3fd7f99e0adf612bb 943330 net extra openssh-client-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb d0984f3c37a4ab70fbbb484120576cff 560966 net extra openssh-client-ssh1-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb bf15cf09ee6db8572d6d413cd02a8563 373214 net extra openssh-client-ssh1_7.2p2-4ubuntu2.6_i386.deb 298fbb6fee05cc4707ed06a511eeeb2e 441632 debian-installer extra openssh-client-udeb-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 35af33370624ace7cd968c044c0325d7 279510 debian-installer optional openssh-client-udeb_7.2p2-4ubuntu2.6_i386.udeb 67bfc0850c0e002d8e5d16c8fdd81449 646914 net standard openssh-client_7.2p2-4ubuntu2.6_i386.deb f9a5f4fc259ee7ec37c3902f78f26563 499010 net extra openssh-server-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 1fe4284a6cb8a917cfaa34372a77815f 486390 debian-installer extra openssh-server-udeb-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 5c7825f40f84116b61c01caf9a2f9010 293172 debian-installer optional openssh-server-udeb_7.2p2-4ubuntu2.6_i386.udeb b17289305499d3014c5062a7244cef94 377012 net optional openssh-server_7.2p2-4ubuntu2.6_i386.deb c97fde2180b81a03cd995113569e3615 68698 net extra openssh-sftp-server-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb 5d04f8b1f5573bef35ea7cc906980350 43984 net optional openssh-sftp-server_7.2p2-4ubuntu2.6_i386.deb f33c0a129678fee77027e10f8958b827 8488 raw-translations - openssh_7.2p2-4ubuntu2.6_i386_translations.tar.gz 9f7795beef37b6336237efc5f681d0b3 10898 gnome extra ssh-askpass-gnome-dbgsym_7.2p2-4ubuntu2.6_i386.ddeb b265e4b8b39a4d59fcc4886806585753 14350 gnome optional ssh-askpass-gnome_7.2p2-4ubuntu2.6_i386.deb Original-Maintainer: Debian OpenSSH Maintainers