oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778

From: Tomas Hoger <thoger () redhat com>
Date: Fri, 15 Jan 2016 20:32:49 +0100
On Fri, 15 Jan 2016 12:10:16 -0500 (EST) cve-assign () mitre org wrote:


There's also a fix related to X11 forwarding which seems different than
the fix which went into OpenSSH 6.9. I'm not sure if it deserves a CVE
or not.  



https://anongit.mindrot.org/openssh.git/commit/?id=ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c  



eliminate fallback from untrusted X11 forwarding to trusted forwarding
when the X server disables the SECURITY extension; Reported by Thomas
Hoger  


MITRE is not assigning a CVE ID for
ed4ce82dbfa8a3a3c8ea6fa0db113c71e234416c at this time. First, the
(misspelled) reporter name suggests that the issue might have already
had a CVE ID assigned by Red Hat before the issue became public. Also,
http://www.openssh.com/txt/release-7.1p2 does not announce this as a
security fix. Finally, the wording suggests that it could possibly be
an interoperability fix, not a security fix.


FYI, this issue was announced as a security fix in 7.1p2 release notes:

https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034680.html

However, as the fix was not actually included in 7.1p2, the
release-7.1p2 announcement as available on the url listed above was
modified to remove mention of that issue.

https://lists.mindrot.org/pipermail/openssh-unix-dev/2016-January/034684.html

-- 
Tomas Hoger / Red Hat Product Security
Previous By Date Next
Previous By Thread Next

Current thread: