Description of problem: The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0539 Expected results: As Fedora 15 in still in support, one would aspect a new openssh release to be placed in a Fedora 15 rpm... it is currently in Fedora 16 & 17 (as is expected). I am not stating this as an issue NIST is.... thus I must comply hopefully it is in the works... thanks
Fix from http://www.openssh.com/txt/legacy-cert.adv should be satisfactory.
openssh-5.6p1-35.fc15 has been submitted as an update for Fedora 15. https://admin.fedoraproject.org/updates/openssh-5.6p1-35.fc15
Package openssh-5.6p1-35.fc15: * should fix your issue, * was pushed to the Fedora 15 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing openssh-5.6p1-35.fc15' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-1673/openssh-5.6p1-35.fc15 then log in and leave karma (feedback).
openssh-5.6p1-35.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.