Mailinglist Archive: opensuse-security (9 mails)

< Previous Next >
Re: [opensuse-security] openSSH, 11.3 and CVE-2011-0539
  • From: Ludwig Nussel <ludwig.nussel@xxxxxxx>
  • Date: Mon, 18 Jul 2011 10:23:59 +0200
  • Message-id: <4E23ED9F.6060003@suse.de>
paul wrote:
We failed a pci-dss compliance test because the version of openSSH for 11.3
doesn't have the fix for CVE-2011-0539. In fact, there hasn't been any update
to openSSH for 11.3 since Jun 2010.

If you have a use case that requires pci-dss compliance you may find
SLES better suite your needs.
Anyways, CVE-2011-0539 affects openssh >= 5.6 while 11.3 has 5.4.
https://bugzilla.novell.com/show_bug.cgi?id=669477

cu
Ludwig

--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imend├Ârffer, HRB 16746 (AG N├╝rnberg)
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx

< Previous Next >
List Navigation
Follow Ups
References