Fedora 22 : openssh-6.9p1-1.fc22 (2015-11063)
Medium Nessus Plugin ID 84687
SynopsisThe remote Fedora host is missing a security update.
DescriptionThis update brings security fix for two announced vulnerabilities.
Namely XSECURITY restrictions bypass under certain conditions AND weakness of agent locking (ssh-add -x) to password guessing (more info in related bugs). It also provides new version of openssh-6.9 which is bringing many bugfixes and few new features with maintaining compatibility with previous version.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected openssh package.