Stay Connected:

ELBA-2022-3949

ELBA-2022-3949 - openssh

Type:BUG
Impact:NA
Release Date:2022-06-30

Description


[8.7p1-8]
- Workaround for RHEL 8 incompatibility in scp utility in SFTP mode
Related: rhbz#2038854

[8.7p1-7]
- Switch to SFTP protocol in scp utility by default - upstream fixes
Related: rhbz#2001002
- Workaround for RHEL 8 incompatibility in scp utility in SFTP mode
Related: rhbz#2038854

[8.7p1-6]
- Fix SSH connection to localhost not possible in FIPS
Related: rhbz#2031868

[8.7p1-5]
- Fix ssh-keygen -Y find-principals -f /dev/null -s /dev/null segfault
Related: rhbz#2024902

[8.7p1-4]
- Fix memory leaks introduced in OpenSSH 8.7
Related: rhbz#2001002

[8.7p1-3]
- Disable locale forwarding in default configurations
Related: rhbz#2002734

[8.7p1-2]
- Upstream fix for CVE-2021-41617
Related: rhbz#2008886

[8.7p1-1 + 0.10.4-4]
- New upstream release
- Switch to SFTP protocol in scp utility by default
- Enable SCP protocol kill switch
Related: rhbz#2001002

[8.6p1-7.1]
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

[8.6p1-7]
- Rebuild to pick up OpenSSL 3.0 Beta ABI (#1984097)

[8.6p1-6]
- rebuilt

[8.6p1-5.1]
- Rebuilt for RHEL 9 BETA for openssl 3.0
Related: rhbz#1971065

[8.6p1-5]
- Remove recommendation of p11-kit (#1947904)

[8.6p1-4]
- rebuilt

[8.6p1-3]
- Hostbased ssh authentication fails if session ID contains a / (#1963058)

[8.6p1-2]
- rebuilt

[8.6p1-1 + 0.10.4-3]
- New upstream release (#1952957)
- GSS KEX broken beginning with (GSI-)OpenSSH 8.0p1 (#1957306)

[8.5p1-3.1]
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

[8.5p1-3]
- Coverity fixes for 8.5p1 (#1938831)

[8.5p1-2]
- ssh-agent.serivce is user unit (#1761817#27)

[8.5p1-1 + 0.10.4-2]
- New upstream release (#1934336)

[8.4p1-5.2]
- Rebuilt for updated systemd-rpm-macros
See https://pagure.io/fesco/issue/2583.

[8.4p1-5.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[8.4p1-5 + 0.10.4-1]
- Use /usr/share/empty.sshd instead of /var/empty/sshd
- Allow emptu labels in PKCS#11 tokens (#1919007)
- Drop openssh-cavs subpackage

[8.4p1-4 + 0.10.4-1]
- Remove PasswordAuthentication yes from vendor configuration as it is
already default and it might be hard to override.
- Fix broken obsoletes for openssh-ldap (#1902084)

[8.4p1-3 + 0.10.4-1]
- Unbreak seccomp filter on arm (#1897712)
- Add a workaround for Debians broken OpenSSH (#1881301)

[8.4p1-2 + 0.10.4-1]
- Unbreak ssh-copy-id after a release (#1884231)
- Remove misleading comment from sysconfig

[8.4p1-1 + 0.10.4-1]
- New upstream release of OpenSSH and pam_ssh_agent_auth (#1882995)

[8.3p1-4 + 0.10.3-10]
- Remove openssh-ldap subpackage (#1871025)
- pkcs11: Do not crash with invalid paths in ssh-agent (#1868996)
- Clarify documentation about sftp-server -m (#1862504)

[8.3p1-3.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

[8.3p1-3 + 0.10.3-10]
- Do not lose PIN when more slots match PKCS#11 URI (#1843372)
- Update to new crypto-policies version on server (using sshd_config include)
- Move redhat configuraion files to larger number to allow simpler override
- Move sshd_config include before any other definitions (#1824913)

[8.3p1-2 + 0.10.3-10]
- Fix crash on cleanup (#1842281)

[8.3p1-1 + 0.10.3-10]
- New upstream release (#1840503)
- Unbreak corner cases of sshd_config include
- Fix order of gssapi key exchange algorithms

[8.2p1-3 + 0.10.3-9]
- Simplify reference to crypto policies in configuration files
- Unbreak gssapi authentication with GSSAPITrustDNS over jump hosts
- Correctly print FIPS mode initialized in debug mode
- Enable SHA2-based GSSAPI key exchange methods (#1666781)
- Do not break X11 forwarding when IPv6 is disabled
- Remove fipscheck dependency as OpenSSH is no longer FIPS module
- Improve documentation about crypto policies defaults in manual pages




Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) openssh-8.7p1-8.el9.src.rpmb073c2c046baa0e5140b41f210957c8889e6bcc422369a5805a87125b38071d2-ol9_aarch64_appstream
openssh-8.7p1-8.el9.src.rpmb073c2c046baa0e5140b41f210957c8889e6bcc422369a5805a87125b38071d2-ol9_aarch64_baseos_latest
openssh-8.7p1-8.el9.src.rpmb073c2c046baa0e5140b41f210957c8889e6bcc422369a5805a87125b38071d2-ol9_aarch64_u0_baseos_base
openssh-8.7p1-8.el9.aarch64.rpm819260a11f18b902f52044d616daf541dd2e78db640c7b469c05ff00ac8ba28e-ol9_aarch64_baseos_latest
openssh-8.7p1-8.el9.aarch64.rpm819260a11f18b902f52044d616daf541dd2e78db640c7b469c05ff00ac8ba28e-ol9_aarch64_u0_baseos_base
openssh-askpass-8.7p1-8.el9.aarch64.rpm95cb9dd392e02e5556e875a4fdf0b57a76d7b58fd866e68a0f3d3b50aad96554-ol9_aarch64_appstream
openssh-clients-8.7p1-8.el9.aarch64.rpmbc420346ec74b0b9d3e66d2bdee49c0442215833adfec508acfd816520e7b0ff-ol9_aarch64_baseos_latest
openssh-clients-8.7p1-8.el9.aarch64.rpmbc420346ec74b0b9d3e66d2bdee49c0442215833adfec508acfd816520e7b0ff-ol9_aarch64_u0_baseos_base
openssh-keycat-8.7p1-8.el9.aarch64.rpm50e0d2d5c77f2d320ff7de3d31fad96f845b71c7e3b426cd5c05114c16efb48e-ol9_aarch64_baseos_latest
openssh-keycat-8.7p1-8.el9.aarch64.rpm50e0d2d5c77f2d320ff7de3d31fad96f845b71c7e3b426cd5c05114c16efb48e-ol9_aarch64_u0_baseos_base
openssh-server-8.7p1-8.el9.aarch64.rpmfbba512c8174b05b385ac9483d8c6a539a9b8a1035ef1097e85f6ce39b888793-ol9_aarch64_baseos_latest
openssh-server-8.7p1-8.el9.aarch64.rpmfbba512c8174b05b385ac9483d8c6a539a9b8a1035ef1097e85f6ce39b888793-ol9_aarch64_u0_baseos_base
pam_ssh_agent_auth-0.10.4-4.8.el9.aarch64.rpmf9934d6892e7809df2707dded85b7e36175882fbadf19741d07fc52fb21e2d85-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) openssh-8.7p1-8.el9.src.rpmb073c2c046baa0e5140b41f210957c8889e6bcc422369a5805a87125b38071d2-ol9_x86_64_appstream
openssh-8.7p1-8.el9.src.rpmb073c2c046baa0e5140b41f210957c8889e6bcc422369a5805a87125b38071d2-ol9_x86_64_baseos_latest
openssh-8.7p1-8.el9.src.rpmb073c2c046baa0e5140b41f210957c8889e6bcc422369a5805a87125b38071d2-ol9_x86_64_u0_baseos_base
openssh-8.7p1-8.el9.x86_64.rpmf056fc642d1e8a18da749d6de6d56d8de03410a729bc5993c2829ad532d9889f-ol9_x86_64_baseos_latest
openssh-8.7p1-8.el9.x86_64.rpmf056fc642d1e8a18da749d6de6d56d8de03410a729bc5993c2829ad532d9889f-ol9_x86_64_u0_baseos_base
openssh-askpass-8.7p1-8.el9.x86_64.rpm0b316f991c376a13de03f894fc62c79f33098fe5d8d1e298bcb1da1dc621fc43-ol9_x86_64_appstream
openssh-clients-8.7p1-8.el9.x86_64.rpm18d730bd2f32a7767c25a343eac491c58d8694ef2b8600a39d8abe613c6369b5-ol9_x86_64_baseos_latest
openssh-clients-8.7p1-8.el9.x86_64.rpm18d730bd2f32a7767c25a343eac491c58d8694ef2b8600a39d8abe613c6369b5-ol9_x86_64_u0_baseos_base
openssh-keycat-8.7p1-8.el9.x86_64.rpm04994b01ef1037956b6d6ce71a11affa6533a5ed5df70928ba3b6e4d00523bb0-ol9_x86_64_baseos_latest
openssh-keycat-8.7p1-8.el9.x86_64.rpm04994b01ef1037956b6d6ce71a11affa6533a5ed5df70928ba3b6e4d00523bb0-ol9_x86_64_u0_baseos_base
openssh-server-8.7p1-8.el9.x86_64.rpm6bc2debf98506ee6d67a93003215fce796feb1ac86e231ed1faecf7ab8dccb65-ol9_x86_64_baseos_latest
openssh-server-8.7p1-8.el9.x86_64.rpm6bc2debf98506ee6d67a93003215fce796feb1ac86e231ed1faecf7ab8dccb65-ol9_x86_64_u0_baseos_base
pam_ssh_agent_auth-0.10.4-4.8.el9.x86_64.rpm5e2adb07b8396dad64a755107b27e5220899711ea44fca26271f52d8d3509f61-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights