-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Tue, 21 Aug 2018 18:04:27 +0100 Source: openssh Binary: openssh-client openssh-server openssh-sftp-server ssh ssh-krb5 ssh-askpass-gnome openssh-client-udeb openssh-server-udeb Architecture: source amd64 all Version: 1:6.7p1-5+deb8u5 Distribution: jessie-security Urgency: high Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org> Changed-By: Chris Lamb <lamby@debian.org> Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad ssh-krb5 - secure shell client and server (transitional package) Closes: 906236 Changes: openssh (1:6.7p1-5+deb8u5) jessie-security; urgency=high . * CVE-2018-15473: Prevent a user enumeration vulnerability by delaying the bailout for invalid authenticating users until after the packet containing the request has been fully parsed. (closes: #906236) Checksums-Sha1: 3cf35422f53537d46754e78526e84bd5d6fb1418 2723 openssh_6.7p1-5+deb8u5.dsc 14e5fbed710ade334d65925e080d1aaeb9c85bf6 1351367 openssh_6.7p1.orig.tar.gz c04106818070a405f396e309634aaa34532bd254 152924 openssh_6.7p1-5+deb8u5.debian.tar.xz 264e24eebafd01e907a7badeda69efab8dfa019b 690148 openssh-client_6.7p1-5+deb8u5_amd64.deb 13653687197d5e273f9c16e082456f023c6a7e00 331262 openssh-server_6.7p1-5+deb8u5_amd64.deb 2e17d1ae581f10a526f7f1afa9f039326fa8e8a1 37928 openssh-sftp-server_6.7p1-5+deb8u5_amd64.deb 31b80e659e281722edea29bbe1ee1d6a047b4117 120220 ssh_6.7p1-5+deb8u5_all.deb 170ca79eeee360537e74330061961cad92d4645d 119740 ssh-krb5_6.7p1-5+deb8u5_all.deb a342b81bc0c32215ef527138b7679f080bde268e 127820 ssh-askpass-gnome_6.7p1-5+deb8u5_amd64.deb 42963d91d1b46ec419bea8ec72d35b4015519e21 259000 openssh-client-udeb_6.7p1-5+deb8u5_amd64.udeb 20262ae32c2c274faaa58ca0519bf2d5cb39e4c8 285636 openssh-server-udeb_6.7p1-5+deb8u5_amd64.udeb Checksums-Sha256: 302ab63fd54a900667041519ba9c06b72bf9695f28a5562b818399f0f738968b 2723 openssh_6.7p1-5+deb8u5.dsc b2f8394eae858dabbdef7dac10b99aec00c95462753e80342e530bbb6f725507 1351367 openssh_6.7p1.orig.tar.gz d91eca6b6068b8b87680bf5b841f315a6256d863e46352b668ee57c422c18f07 152924 openssh_6.7p1-5+deb8u5.debian.tar.xz f057696e4b450226e5619bc76272d56ad1028c4005e8c1a476cc5ad40f9e889a 690148 openssh-client_6.7p1-5+deb8u5_amd64.deb 902a99a51e19296cca7af0820e874c946ecedc576d4da7004a80552957440cc5 331262 openssh-server_6.7p1-5+deb8u5_amd64.deb 15aa86501f3e372dda5871bb307ad9468c1a4d739e3725087dea6c49ace27219 37928 openssh-sftp-server_6.7p1-5+deb8u5_amd64.deb 84c3bdf74223283a8ea261e0dda418650641b5814b7d901afeea112ef971fc25 120220 ssh_6.7p1-5+deb8u5_all.deb 8900382cc18044f2fe109ddb9bfec32d9855655c1279233a0a23cf2fc595a330 119740 ssh-krb5_6.7p1-5+deb8u5_all.deb 33f96e910cde3a930baf902fc2a25cedba37ab099e207c10e54b43fbab009c7f 127820 ssh-askpass-gnome_6.7p1-5+deb8u5_amd64.deb 089405b54824b4c0335a55f45548a8004234aaf7e7f8a47e1452127c6a8a69bf 259000 openssh-client-udeb_6.7p1-5+deb8u5_amd64.udeb 41a7ed9ac2404e40e138c210a1455b2635915023e9c268d8d64152b6f2a1bf03 285636 openssh-server-udeb_6.7p1-5+deb8u5_amd64.udeb Files: fb64bc0cae54d3f12b1ac2ef4c6f831f 2723 net standard openssh_6.7p1-5+deb8u5.dsc 3246aa79317b1d23cae783a3bf8275d6 1351367 net standard openssh_6.7p1.orig.tar.gz fdf26673638b0e34eeee7f10877e6799 152924 net standard openssh_6.7p1-5+deb8u5.debian.tar.xz a993e6b42add7e66b11b2403f3d2fb09 690148 net standard openssh-client_6.7p1-5+deb8u5_amd64.deb 7066018b64c0bc086a16d7643b3dc296 331262 net optional openssh-server_6.7p1-5+deb8u5_amd64.deb a4282116f1c0731925bf797120977dee 37928 net optional openssh-sftp-server_6.7p1-5+deb8u5_amd64.deb 7c9dd3c881c3c6db4683385f9b9a8012 120220 net extra ssh_6.7p1-5+deb8u5_all.deb 86dca2bd7e96af0e051522c003749d49 119740 oldlibs extra ssh-krb5_6.7p1-5+deb8u5_all.deb 569de1cd8569134b06d0e4048599d7ac 127820 gnome optional ssh-askpass-gnome_6.7p1-5+deb8u5_amd64.deb cf532249a4c5eb4f736a490b88364a57 259000 debian-installer optional openssh-client-udeb_6.7p1-5+deb8u5_amd64.udeb 455c8909ddfc277e14181f11e9636cbd 285636 debian-installer optional openssh-server-udeb_6.7p1-5+deb8u5_amd64.udeb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlt8SSQACgkQHpU+J9Qx HljxXQ/8DuWtWciEvX8wSysNEu/bX9kFysA74F5DMbPcgJ/0LBKR1l0Aa49Y0KVy i9k/a/Zkl8+khkbxLI69g0CwGZOsHifX1EJLAQtzMknIU4aGO8PAJr52Hz62oKAm N1IGZnPfBtrgJphSLnP+bw9K1Li5PMb1kgiyEe8La5JSEQhEhmcyZ6lEp31A+kMB vehVnYpVG6/1piWvWmiSXaCl5dKZESbh/TSQ7eVNAdwN5LFc6/toVVKMYPafyk3S PlCmiWXGnU3WrmsgEoteLSiy6J4eeIy7LnYPC7tWoaqmdHWjvOao5zh2jKGvWvwu RvOG63bVwbDdmmVrwKl1amBYkjVYOF8ke/XygQvtVImxFlf4/MzRwx/U2MBruRh9 uRwnFnI4BOZPAzNBsWaV4S8Vj6vOyN6rQM7DhkTBmtSyC4D4N0qGCwif0FR1eHoi ZNFuhDEZhw192mvHXgVGDXboZ0PmOFG/q5G8KmskwHCotZfwP1bM5LBrs6eCfExW Q0h5/NczRuZp06AxyYmLHgRhYIHbKid/NWGw5HynmjHXYGn0D5wxqjONh/Z72Xcj tw9lcYElAtyBlhrkWB5BjsXMlUl3UUWWe+xCVanJCBXMYEkb6zcnMMuACTr4ZD5K S/RLFRrOdoC1X2NW10LI4HHavIhA/7Oq/lPuDPWbr0dgZBVayrg= =hB9Y -----END PGP SIGNATURE-----