ELSA-2015-2088

ELSA-2015-2088 - openssh security, bug fix, and enhancement update

Type: SECURITY
Impact: MODERATE
Release Date: 2015-11-23

Description


[6.6.1p1-22]
- Use the correct constant for glob limits (#1160377)

[6.6.1p1-21]
- Extend memory limit for remote glob in sftp acc. to stat limit (#1160377)

[6.6.1p1-20]
- Fix vulnerabilities published with openssh-7.0 (#1265807)
- Privilege separation weakness related to PAM support
- Use-after-free bug related to PAM support

[6.6.1p1-19]
- Increase limit of files for glob match in sftp to 8192 (#1160377)

[6.6.1p1-18]
- Add GSSAPIKexAlgorithms option for server and client application (#1253062)

[6.6.1p1-17]
- Security fixes released with openssh-6.9 (CVE-2015-5352) (#1247864)
- XSECURITY restrictions bypass under certain conditions in ssh(1) (#1238231)
- weakness of agent locking (ssh-add -x) to password guessing (#1238238)

[6.6.1p1-16]
- only query each keyboard-interactive device once (CVE-2015-5600) (#1245971)

[6.6.1p1-15]
- One more typo in manual page documenting TERM variable (#1162683)
- Fix race condition with auditing messages answers (#1240613)

[6.6.1p1-14]
- Fix ldif schema to have correct spacing on newlines (#1184938)
- Add missing values for sshd test mode (#1187597)
- ssh-copy-id: tcsh doesn't work with multiline strings (#1201758)
- Fix memory problems with newkeys and array transfers (#1223218)
- Enhance AllowGroups documentation in man page (#1150007)

[6.6.1p1-13]
- Increase limit of files for glob match in sftp (#1160377)
- Add pam_reauthorize.so to /etc/pam.d/sshd (#1204233)
- Show all config values in sshd test mode (#1187597)
- Document required selinux boolean for working ssh-ldap-helper (#1178116)
- Consistent usage of pam_namespace in sshd (#1125110)
- Fix auditing when using combination of ForcedCommand and PTY (#1199112)
- Add sftp option to force mode of created files (#1197989)
- Ability to specify an arbitrary LDAP filter in ldap.conf for ssh-ldap-helper (#1201753)
- Provide documentation line for systemd service and socket (#1181591)
- Provide LDIF version of LPK schema (#1184938)
- Document TERM environment variable (#1162683)
- Fix ssh-copy-id on non-sh remote shells (#1201758)
- Do not read RSA1 hostkeys for HostBased authentication in FIPS (#1197666)


Related CVEs


CVE-2015-5600
CVE-2015-6563
CVE-2015-6564

Updated Packages


| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
|---|---|---|---|---|
| Oracle Linux 7 (x86_64) | openssh-6.6.1p1-22.el7.src.rpm | f5795291634b451b29e89f45881ba255dff8cbdbdc5032d3903a6a2f55390877 | ELSA-2024-12233 | ol7_x86_64_latest_archive |
| | openssh-6.6.1p1-22.el7.src.rpm | f5795291634b451b29e89f45881ba255dff8cbdbdc5032d3903a6a2f55390877 | ELSA-2024-12233 | ol7_x86_64_optional_archive |
| | openssh-6.6.1p1-22.el7.src.rpm | f5795291634b451b29e89f45881ba255dff8cbdbdc5032d3903a6a2f55390877 | ELSA-2024-12233 | ol7_x86_64_u2_base |
| | openssh-6.6.1p1-22.el7.x86_64.rpm | faa8d7fa005fa166d76c98e753f4e1ae0e4e5452fde026743fe4e72e1ddc9337 | ELSA-2024-12233 | ol7_x86_64_latest_archive |
| | openssh-6.6.1p1-22.el7.x86_64.rpm | faa8d7fa005fa166d76c98e753f4e1ae0e4e5452fde026743fe4e72e1ddc9337 | ELSA-2024-12233 | ol7_x86_64_u2_base |
| | openssh-askpass-6.6.1p1-22.el7.x86_64.rpm | f6a08e43dff3a3c97440dffba81846c68387497e374fba02f9ca578d3e1f37cb | ELSA-2024-12233 | ol7_x86_64_latest_archive |
| | openssh-askpass-6.6.1p1-22.el7.x86_64.rpm | f6a08e43dff3a3c97440dffba81846c68387497e374fba02f9ca578d3e1f37cb | ELSA-2024-12233 | ol7_x86_64_u2_base |
| | openssh-clients-6.6.1p1-22.el7.x86_64.rpm | 626f528ec32bbe53610007896a264a6fe62b84ad2bddea9e725792f4b3c2b492 | ELSA-2024-12233 | ol7_x86_64_latest_archive |
| | openssh-clients-6.6.1p1-22.el7.x86_64.rpm | 626f528ec32bbe53610007896a264a6fe62b84ad2bddea9e725792f4b3c2b492 | ELSA-2024-12233 | ol7_x86_64_u2_base |
| | openssh-keycat-6.6.1p1-22.el7.x86_64.rpm | a8ac1757560b7cd2d0457401e6a0e883bf4fbaa115a2b28bf9a6c4626d3db9c7 | ELSA-2024-12233 | ol7_x86_64_latest_archive |
| | openssh-keycat-6.6.1p1-22.el7.x86_64.rpm | a8ac1757560b7cd2d0457401e6a0e883bf4fbaa115a2b28bf9a6c4626d3db9c7 | ELSA-2024-12233 | ol7_x86_64_u2_base |
| | openssh-ldap-6.6.1p1-22.el7.x86_64.rpm | 9d702e7c160e28acfb064a8f2032098605abcb1ad69d188c7789bcf8b845bb38 | ELSA-2024-12233 | ol7_x86_64_optional_archive |
| | openssh-server-6.6.1p1-22.el7.x86_64.rpm | f1dc28eacdd627d3af97c4877df9256571be88c0dc1e0872a422aaa7a3184da5 | ELSA-2024-12233 | ol7_x86_64_latest_archive |
| | openssh-server-6.6.1p1-22.el7.x86_64.rpm | f1dc28eacdd627d3af97c4877df9256571be88c0dc1e0872a422aaa7a3184da5 | ELSA-2024-12233 | ol7_x86_64_u2_base |
| | openssh-server-sysvinit-6.6.1p1-22.el7.x86_64.rpm | 195fde84dd94db17071da6c24de2e3208f73fcac187ad166b665d1b21b61747b | ELSA-2024-12233 | ol7_x86_64_optional_archive |
| | pam_ssh_agent_auth-0.9.3-9.22.el7.i686.rpm | f6838c3c70c68bc408d9be23e692e56232956ffafea771097be1a7e02a94b885 | ELSA-2024-12233 | ol7_x86_64_optional_archive |
| | pam_ssh_agent_auth-0.9.3-9.22.el7.x86_64.rpm | 917227018d2a2291ae6a9ff33f4b92d702520beffbfaba241b43870d7a699232 | ELSA-2024-12233 | ol7_x86_64_optional_archive |



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections, please contact the Oracle Linux ULN team.
