USN-6279-1: OpenSSH update
9 August 2023
A hardening measure was added to OpenSSH.
- openssh - secure shell (SSH) for secure access to remote machines
It was discovered that OpenSSH has an observable discrepancy leading to an
information leak in the algorithm negotiation. This update mitigates the
issue by tweaking the client hostkey preference ordering algorithm to
prefer the default ordering if the user has a key that matches the
best-preference default algorithm.
The problem can be corrected by updating your system to the following package versions:
- openssh-client - 1:7.6p1-4ubuntu0.7+esm2
- openssh-client - 1:7.2p2-4ubuntu2.10+esm4
- openssh-client - 1:6.6p1-2ubuntu2.13+esm2
In general, a standard system update will make all the necessary changes.