ELSA-2007-0703

ULN >
Oracle Linux Errata repository >
ELSA-2007-0703

ELSA-2007-0703 - openssh security and bug fix update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2007-11-27

Description

[3.9p1-8.RHEL4.24]
- return correct exit status on failed write on sftp batch mode (#247802)

[3.9p1-8.RHEL4.23]
- some more mem leaks fix in sftp (#240909)

[3.9p1-8.RHEL4.22]
- CVE-2007-3102 escape account name to prevent audit log injection (#248058)

[3.9p1-8.RHEL4.21]
- move pam session calls so pam_close_session is always called (#216689)
- get canonical hostname for gssapi (#216854)
- CVE-2006-5052 dont leak info about user existence with krb5 auth (#234643)
- fix some memory leaks in sftp (#240909)
- correctly kill sshd in initscript (#244655)
- close unused ends of sockets so [pam] child is always terminated (#247440)

Related CVEs

CVE-2007-3102

CVE-2006-5052

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 4 (i386)	openssh-3.9p1-8.RHEL4.24.src.rpm	d6e641c41e3e707e035832337c6c504a	ELEA-2010-0511
	openssh-3.9p1-8.RHEL4.24.i386.rpm	01846ae2d5c9c27a4b92363f91b5fc33	ELEA-2010-0511
	openssh-askpass-3.9p1-8.RHEL4.24.i386.rpm	6d348a280961bfbbb3114b41cc1195a3	ELEA-2010-0511
	openssh-askpass-gnome-3.9p1-8.RHEL4.24.i386.rpm	a53eb8eebeb9e20c5b8731ca0e2c95d8	ELEA-2010-0511
	openssh-clients-3.9p1-8.RHEL4.24.i386.rpm	0650f603e964da7a29bfcea40e77fd8a	ELEA-2010-0511
	openssh-server-3.9p1-8.RHEL4.24.i386.rpm	89babaeaaeac76d5dfab5eeb88083ce2	ELEA-2010-0511

Oracle Linux 4 (ia64)	openssh-3.9p1-8.RHEL4.24.src.rpm	d6e641c41e3e707e035832337c6c504a	ELEA-2010-0511
	openssh-3.9p1-8.RHEL4.24.ia64.rpm	3b4be17f61a1ff22df3b81656a3496a9	ELEA-2010-0511
	openssh-askpass-3.9p1-8.RHEL4.24.ia64.rpm	4f6d6ffe962fd08fdf9de8f759a68d28	ELEA-2010-0511
	openssh-askpass-gnome-3.9p1-8.RHEL4.24.ia64.rpm	0bcc9b2e9722435123d606984abbef4f	ELEA-2010-0511
	openssh-clients-3.9p1-8.RHEL4.24.ia64.rpm	dccdf3268525ec47ceab35a248bc2447	ELEA-2010-0511
	openssh-server-3.9p1-8.RHEL4.24.ia64.rpm	c52d43aa23997986e1937630dcccc1c8	ELEA-2010-0511

Oracle Linux 4 (x86_64)	openssh-3.9p1-8.RHEL4.24.src.rpm	d6e641c41e3e707e035832337c6c504a	ELEA-2010-0511
	openssh-3.9p1-8.RHEL4.24.x86_64.rpm	4f25f1504358b0c4ce9d9b8535bf76ec	ELEA-2010-0511
	openssh-askpass-3.9p1-8.RHEL4.24.x86_64.rpm	e7f6569875b7c60eb60e9f37a8722273	ELEA-2010-0511
	openssh-askpass-gnome-3.9p1-8.RHEL4.24.x86_64.rpm	81613b3f60427d34d0a3c194e34902e4	ELEA-2010-0511
	openssh-clients-3.9p1-8.RHEL4.24.x86_64.rpm	0bdf3689c41b2b5f9becdc4c221c0c3a	ELEA-2010-0511
	openssh-server-3.9p1-8.RHEL4.24.x86_64.rpm	0dde5047f53e3355f87af94543c280a3	ELEA-2010-0511

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691