ELSA-2024-12233

ELSA-2024-12233 - openssh security update

Type:SECURITY
Severity:MODERATE
Release Date:2024-03-18

Description


[7.4p1-23.0.3_fips]
- Change Epoch from 1 to 10
- Enable fips KDF POST [Orabug: 32461750]
- Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739]

[7.4p1-23.0.3]
- add KEX_INITIAL flag [Orabug: 36160445]
- implement 'strict key exchange' [CVE-2023-48795][Orabug: 36160445]


Related CVEs


CVE-2023-48795

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) openssh-7.4p1-23.0.3.el7_9_fips.src.rpmd9f15ca3383dd7ad9810e19632b97f9c-ol7_aarch64_u8_security_validation
openssh-7.4p1-23.0.3.el7_9_fips.aarch64.rpmeb12b7e3676c5bcced4f1bc1c17d1052-ol7_aarch64_u8_security_validation
openssh-askpass-7.4p1-23.0.3.el7_9_fips.aarch64.rpm5e7676d3987cc51b15ecc1d00f3c8560-ol7_aarch64_u8_security_validation
openssh-cavs-7.4p1-23.0.3.el7_9_fips.aarch64.rpmbeccd0f804fe2f5b2298b5066b67d671-ol7_aarch64_u8_security_validation
openssh-clients-7.4p1-23.0.3.el7_9_fips.aarch64.rpm52854fed3ccbbad52d92ef64bec2256c-ol7_aarch64_u8_security_validation
openssh-keycat-7.4p1-23.0.3.el7_9_fips.aarch64.rpm2be0f2544ded028292c01d3bc21a3fe4-ol7_aarch64_u8_security_validation
openssh-ldap-7.4p1-23.0.3.el7_9_fips.aarch64.rpm11d72a8305f10dc3013542a448650026-ol7_aarch64_u8_security_validation
openssh-server-7.4p1-23.0.3.el7_9_fips.aarch64.rpmfebca845c474dfa475520ec3cfd94507-ol7_aarch64_u8_security_validation
openssh-server-sysvinit-7.4p1-23.0.3.el7_9_fips.aarch64.rpm9706c257b8ad83f5362a57ae02b447b2-ol7_aarch64_u8_security_validation
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9_fips.aarch64.rpm3e9df918fd205e559968a413b04c83da-ol7_aarch64_u8_security_validation



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete