USN-2869-1: OpenSSH vulnerabilities

14 January 2016

OpenSSH could be made to expose sensitive information over the network.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

  • openssh - secure shell (SSH) for secure access to remote machines

Details

It was discovered that the OpenSSH client experimental support for resuming
connections contained multiple security issues. A malicious server could
use this issue to leak client memory to the server, including private
client user keys.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 15.10
Ubuntu 15.04
Ubuntu 14.04
Ubuntu 12.04

In general, a standard system update will make all the necessary changes.