[Oraclevm-errata] OVMSA-2016-0070 Oracle VM 3.2 openssh security update
Errata Announcements for Oracle VM
oraclevm-errata at oss.oracle.com
Tue Jun 21 10:06:53 PDT 2016
Oracle VM Security Advisory OVMSA-2016-0070
The following updated rpms for Oracle VM 3.2 have been uploaded to the
Unbreakable Linux Network:
x86_64:
openssh-4.3p2-82.0.2.el5.x86_64.rpm
openssh-clients-4.3p2-82.0.2.el5.x86_64.rpm
openssh-server-4.3p2-82.0.2.el5.x86_64.rpm
SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/openssh-4.3p2-82.0.2.el5.src.rpm
Description of changes:
[4.3p2-82.0.2]
- CVE-2015-5600: MaxAuthTries limit bypass via duplicates in
KbdInteractiveDevices (John Haxby) [orabug 22985024]
- CVE-2016-3115: missing sanitisation of input for X11 forwarding (John
Haxby) [orabug 22985024]
More information about the Oraclevm-errata
mailing list