Stay Connected:

ELSA-2007-0540

ELSA-2007-0540 - openssh security and bug fix update

Type:SECURITY
Impact:MODERATE
Release Date:2007-11-19

Description


[4.3p2-24]
- fixed audit log injection problem (CVE-2007-3102) (#248059)

[4.3p2-23]
- document where the nss certificate and token dbs are looked for

[4.3p2-22]
- experimental support for PKCS#11 tokens through libnss3 (#183423)

[4.3p2-21]
- fix an information leak in Kerberos password authentication (CVE-2006-5052)
(#234638)
- correctly setup context when empty level requested (#234951)

[4.3p2-20]
- and always request default level as returned by getseuserbyname (#231695)

[4.3p2-19]
- check requested level context against a context with the same role (#231695)

[4.3p2-18]
- reject connection if requested mls range is not obtained (#229278)

[4.3p2-17]
- allow selecting non-default roles and audit role changes (#227733)


Related CVEs


CVE-2006-5052
CVE-2007-3102

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 5 (i386) openssh-4.3p2-24.el5.src.rpmb1f4dfd1df34982753ffaf7df1bacd65793a9ca8272c0a0948be00d15e1d5dcbELSA-2016-3531el5_u1_i386_base
openssh-4.3p2-24.el5.i386.rpm56ed6ba1cdc9f749f4ff795b539577d9c702b860cb243cda6cb65ceb93c20691ELSA-2016-3531el5_u1_i386_base
openssh-askpass-4.3p2-24.el5.i386.rpmef00f2b8214c21e13d52a445948f910cb92545dfa1dc5ced70f922bde81d02bbELSA-2016-3531el5_u1_i386_base
openssh-clients-4.3p2-24.el5.i386.rpm860b5d53c83388138c6274d0b721c79f15b6a7ee94e8bece582969900146807cELSA-2016-3531el5_u1_i386_base
openssh-server-4.3p2-24.el5.i386.rpm79cb8a35ee55f29cf12f5ed1f14a1a8813722c58fa318773f1c6348a18258a3aELSA-2016-3531el5_u1_i386_base
Oracle Linux 5 (x86_64) openssh-4.3p2-24.el5.src.rpmb1f4dfd1df34982753ffaf7df1bacd65793a9ca8272c0a0948be00d15e1d5dcbELSA-2016-3531el5_u1_x86_64_base
openssh-4.3p2-24.el5.x86_64.rpm6cb2160c03791fefddc0fd5b70fb0f825424347dbbf4e6f9ff393e0df145fc2fELSA-2016-3531el5_u1_x86_64_base
openssh-askpass-4.3p2-24.el5.x86_64.rpm0d253b3bdc8959393fed73f6979081b7bbbcdf5f85bf8817679e7d82aa376675ELSA-2016-3531el5_u1_x86_64_base
openssh-clients-4.3p2-24.el5.x86_64.rpm195ea50d549a89c79f67f933cb54913147ee6c29363c0a60eabb54b861ebc9a0ELSA-2016-3531el5_u1_x86_64_base
openssh-server-4.3p2-24.el5.x86_64.rpm2b296d11dac55c61544e6561434cdc548de6a0202ddc134bcfad0a8eb06ed8f1ELSA-2016-3531el5_u1_x86_64_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights