OracleVM 3.3 / 3.4 : openssh (OVMSA-2016-0048)
Medium Nessus Plugin ID 91153
SynopsisThe remote OracleVM host is missing one or more security updates.
DescriptionThe remote OracleVM system is missing necessary patches to address critical security updates :
- CVE-2016-3115: missing sanitisation of input for X11 forwarding (#1317817)
- Restore functionallity of pam_ssh_agent_auth in FIPS mode (#1278315)
- Initialize devices_done variable for challenge response (#1281468)
- Update behaviour of X11 forwarding to match upstream (#1299048)
- Ammends previous release, fixing typos and behaviour changes
SolutionUpdate the affected openssh / openssh-clients / openssh-server packages.