This bug was fixed in the package openssh - 1:7.6p1-4ubuntu0.5
---------------
openssh (1:7.6p1-4ubuntu0.5) bionic-security; urgency=medium
* SECURITY REGRESSION: User enumeration issue (LP: #1934501)
- debian/patches/CVE-2018-15473.patch: updated to fix bad patch
backport.
-- Marc Deslauriers <marc.deslauri...@ubuntu.com> Wed, 11 Aug 2021
14:02:09 -0400
** Changed in: openssh (Ubuntu Bionic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15473
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1859013
Title:
openssh tests use "not valid yet" certificate from 2020, which is now
valid
Status in openssh package in Ubuntu:
Fix Released
Status in openssh source package in Precise:
New
Status in openssh source package in Trusty:
New
Status in openssh source package in Xenial:
Fix Released
Status in openssh source package in Bionic:
Fix Released
Status in openssh source package in Disco:
Won't Fix
Status in openssh source package in Eoan:
Fix Released
Status in openssh source package in Focal:
Fix Released
Bug description:
[Impact]
* regression testsuite uses 1st of January 2020 as the date in the
future, however that is now in the past making autpkgtests fail.
[Test Case]
* Autopkgtest must pass
[Regression Potential]
* Testsuite assertion update only
[Other Info]
This is a staged update to be rolled up with any other openssh update
in the future.
fixed in debian https://tracker.debian.org/news/1092767/accepted-
openssh-181p1-4-source-into-unstable/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1859013/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
