18 Jul
2011
18 Jul
'11
08:23
paul wrote:
We failed a pci-dss compliance test because the version of openSSH for 11.3 doesn't have the fix for CVE-2011-0539. In fact, there hasn't been any update to openSSH for 11.3 since Jun 2010.
If you have a use case that requires pci-dss compliance you may find SLES better suite your needs. Anyways, CVE-2011-0539 affects openssh >= 5.6 while 11.3 has 5.4. https://bugzilla.novell.com/show_bug.cgi?id=669477 cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-security+help@opensuse.org