ELSA-2017-0641

ELSA-2017-0641 - openssh security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2017-03-27

Description

[5.3p1-122]
- Allow to use ibmca crypto hardware (#1397547)
- CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes (1405374)

[5.3p1-121]
- Fix missing hmac-md5-96 from server offer (#1373836)

[5.3p1-120]
- Prevent infinite loop when Ctrl+Z pressed at password prompt (#1218424)
- Remove RC4 cipher and MD5 based MAC from the default client proposal (#1373836)

[5.3p1-119]
- Resolve sftp force permission colision with umask (#1341747)
- Relax bits needed check to allow hmac-sha2-512 with gss-group1-sha1- (#1353359)
- close ControlPersist background process stderr when not in debug mode (#1335539)
- Do not add a message 'The agent has no identities.' in ~/.ssh/authorized_keys (#1353410)

Related CVEs

CVE-2015-8325

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 6 (i386)	openssh-5.3p1-122.el6.src.rpm	f24e0df587be6d4fb091865f3e79fe62	ELSA-2019-0711
	openssh-5.3p1-122.el6.i686.rpm	b22ff72f58005d1a0575d538fb9264c5	ELSA-2019-0711
	openssh-askpass-5.3p1-122.el6.i686.rpm	aeb156be5bc0e5734bfeea0396967fdd	ELSA-2019-0711
	openssh-clients-5.3p1-122.el6.i686.rpm	7e26ba03b472321406bb76c7cf40e753	ELSA-2019-0711
	openssh-ldap-5.3p1-122.el6.i686.rpm	98d51056f4c7e9033f71d5c6392dc9b3	ELSA-2019-0711
	openssh-server-5.3p1-122.el6.i686.rpm	cce0373d8c7dc7770a069342a7051af9	ELSA-2019-0711
	pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm	d6cbd9a2b3c81214109c85e313c0b789	ELSA-2019-0711
Oracle Linux 6 (x86_64)	openssh-5.3p1-122.el6.src.rpm	f24e0df587be6d4fb091865f3e79fe62	ELSA-2019-0711
	openssh-5.3p1-122.el6.x86_64.rpm	c5bcadb6e1c0f008c3664ba3da36613d	ELSA-2019-0711
	openssh-askpass-5.3p1-122.el6.x86_64.rpm	63e0f9b186bf6bcfc020109d40f1d836	ELSA-2019-0711
	openssh-clients-5.3p1-122.el6.x86_64.rpm	3d8311bb629416e468210c70fb0d0e3c	ELSA-2019-0711
	openssh-ldap-5.3p1-122.el6.x86_64.rpm	9492ac36c2a43743afa09b22525a2721	ELSA-2019-0711
	openssh-server-5.3p1-122.el6.x86_64.rpm	45253b1a75b4320144707fb4f917eaf9	ELSA-2019-0711
	pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm	d6cbd9a2b3c81214109c85e313c0b789	ELSA-2019-0711
	pam_ssh_agent_auth-0.9.3-122.el6.x86_64.rpm	6c1b393558153556e09406eba89a814c	ELSA-2019-0711

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team