Stay Connected:

ELSA-2009-1287

ELSA-2009-1287 - openssh security, bug fix, and enhancement update

Type:SECURITY
Impact:LOW
Release Date:2009-09-08

Description


[4.3p2-36]
- tiny change in chroot sftp capability into openssh-server solve ls speed problem (#440240)

[4.3p2-35]
- workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 (#502230)

[4.3p2-34]
- disable protocol 1 in the FIPS mode

[4.3p2-33]
- fix scp hangup on exit (#454812)
- call integrity checks only on binaries which are part of the OpenSSH FIPS
modules

[4.3p2-32]
- log if FIPS mode is initialized (#492363)
- check the integrity of the binaries in the FIPS mode (#467268)

[4.3p2-31]
- fix ssh hangup on exit (#454812)

[4.3p2-30]
- add chroot sftp capability into openssh-server (#440240)


Related CVEs


CVE-2008-5161

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 5 (i386) openssh-4.3p2-36.el5.src.rpm24f825990c5ef7ae82862f484a02dd41bf1295901e92641caec63fec34b6c11aELSA-2016-3531el5_u4_i386_base
openssh-4.3p2-36.el5.i386.rpma17d49b55f647801729cb8f005522d2a3622a3844531db664904172717335fc0ELSA-2016-3531el5_u4_i386_base
openssh-askpass-4.3p2-36.el5.i386.rpmcb1b7f5f55d61366c696a5c6e2545f99d60f99ba0f80fbbc3eee39300388a32eELSA-2016-3531el5_u4_i386_base
openssh-clients-4.3p2-36.el5.i386.rpm06e5fe20aae8a7adab55f01ac598a1647df14a35b4087bd868123537907b3a8bELSA-2016-3531el5_u4_i386_base
openssh-server-4.3p2-36.el5.i386.rpm2c023767201dd54eded046acc3ebe433fbd9c46a64ee1ffaf20f2d24ec566de4ELSA-2016-3531el5_u4_i386_base
Oracle Linux 5 (ia64) openssh-4.3p2-36.el5.src.rpm24f825990c5ef7ae82862f484a02dd41bf1295901e92641caec63fec34b6c11aELSA-2016-3531el5_u4_ia64_base
openssh-4.3p2-36.el5.ia64.rpm2af8939b922177b00710ea9ca5679fa41bc81b9c61cd60cb469863e50693684aELSA-2016-3531el5_u4_ia64_base
openssh-askpass-4.3p2-36.el5.ia64.rpm69b4ee4032cf9bba8a8b49176c342c7c91487945166b7b395d08e4bf03c3e4c7ELSA-2016-3531el5_u4_ia64_base
openssh-clients-4.3p2-36.el5.ia64.rpm6859f5969cf36ea0860cb50ff8685f865b29c7ba44f4225dbb1f4a0d0b376fbbELSA-2016-3531el5_u4_ia64_base
openssh-server-4.3p2-36.el5.ia64.rpme55c9ca8f4abfb790d6b39f42cd4018d040a6f11ebd8ed859fa9d30a51230ffbELSA-2016-3531el5_u4_ia64_base
Oracle Linux 5 (x86_64) openssh-4.3p2-36.el5.src.rpm24f825990c5ef7ae82862f484a02dd41bf1295901e92641caec63fec34b6c11aELSA-2016-3531el5_u4_x86_64_base
openssh-4.3p2-36.el5.x86_64.rpm20f99d8851fb1988fc7288bf948e46a463da09d0e1f2d861e303f8504e294be3ELSA-2016-3531el5_u4_x86_64_base
openssh-askpass-4.3p2-36.el5.x86_64.rpma8f06668de5ff0aeebee6c8cc9ca5636128c7865a3fa875b6645645f0b54f313ELSA-2016-3531el5_u4_x86_64_base
openssh-clients-4.3p2-36.el5.x86_64.rpme0c4928771a1d6ba4048bdbca3439b855c21d73a2d4e8dee7a4427498b7f2a16ELSA-2016-3531el5_u4_x86_64_base
openssh-server-4.3p2-36.el5.x86_64.rpm1d5cacfefbbb0dc19686e8aeba3d79363703d9adc3cdac0729a14faada4ae57dELSA-2016-3531el5_u4_x86_64_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights