Comments on: USN-2869-1: OpenSSH vulnerabilities | Ubuntu https://www.epanorama.net/blog/2016/01/15/usn-2869-1-openssh-vulnerabilities-ubuntu/ All about electronics and circuit design Fri, 10 Apr 2026 21:14:09 +0000 hourly 1 http://wordpress.org/?v=3.9.14 By: Tomi Engdahl https://www.epanorama.net/blog/2016/01/15/usn-2869-1-openssh-vulnerabilities-ubuntu/comment-page-1/#comment-1467135 Fri, 15 Jan 2016 09:34:56 +0000 http://www.epanorama.net/newepa/?p=37935#comment-1467135 Related posting: http://www.epanorama.net/newepa/2016/01/15/openssh-client-bugs-cve-2016-0777-and-cve-2016-0778/

]]> By: Tomi Engdahl https://www.epanorama.net/blog/2016/01/15/usn-2869-1-openssh-vulnerabilities-ubuntu/comment-page-1/#comment-1467134 Fri, 15 Jan 2016 09:34:40 +0000 http://www.epanorama.net/newepa/?p=37935#comment-1467134 USN-2869-1: OpenSSH vulnerabilities
http://www.ubuntu.com/usn/usn-2869-1/

Details
It was discovered that the OpenSSH client experimental support for resuming
connections contained multiple security issues. A malicious server could
use this issue to leak client memory to the server, including private
client user keys.

OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778
http://undeadly.org/cgi?action=article&sid=20160114142733

This is the most serious bug you’ll hear about this week: the issues identified and fixed in OpenSSH are dubbed CVE-2016-0777 and CVE-2016-0778.
An early heads up came from Theo de Raadt in this mailing list posting.
Until you are able to patch affected systems, the recommended workaround is to use

UPDATE: This affects OpenSSH versions 5.4 through 7.1.
UPDATE: The following commit from deraadt@ has just gone in:
CVSROOT: /cvs
Module name: src
Changes by: deraadt@cvs.openbsd.org 2016/01/14 07:34:34

Modified files:
usr.bin/ssh : readconf.c ssh.c

Log message:
Disable experimental client-side roaming support. Server side was
disabled/gutted for years already, but this aspect was surprisingly
forgotten. Thanks for report from Qualys

]]>