Fedora 19 : openssh-6.2p2-8.fc19 (2014-6569)
Medium Nessus Plugin ID 74384
SynopsisThe remote Fedora host is missing a security update.
Description- environment variables with embedded '=' or '0' characters are now ignored
- prevents a server from skipping SSHFP lookup and forcing a new-hostkey dialog by offering only certificate keys
- /etc/ssh/moduli is readable by all now
- ssh-copy-id is run in so called legacy mode when SSH_COPY_ID_LEGACY variable is set
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected openssh package.