[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] openSSH, 11.3 and CVE-2011-0539



paul wrote:
We failed a pci-dss compliance test because the version of openSSH for 11.3
doesn't have the fix for CVE-2011-0539. In fact, there hasn't been any update
to openSSH for 11.3 since Jun 2010.

If you have a use case that requires pci-dss compliance you may find
SLES better suite your needs.
Anyways, CVE-2011-0539 affects openssh >= 5.6 while 11.3 has 5.4.
https://bugzilla.novell.com/show_bug.cgi?id=669477

cu
Ludwig

--
 (o_   Ludwig Nussel
 //\
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx