ELSA-2016-0741

ELSA-2016-0741 - openssh security, bug fix, and enhancement update

Type:SECURITY
Severity:MODERATE
Release Date:2016-05-12

Description


[5.3p1-117]
- CVE-2016-3115: missing sanitisation of input for X11 forwarding (#1317817)

[5.3p1-116]
- Restore functionallity of pam_ssh_agent_auth in FIPS mode (#1278315)
- Initialize devices_done variable for challenge response (#1281468)
- Update behaviour of X11 forwarding to match upstream (#1299048)

[5.3p1-115]
- Ammends previous release, fixing typos and behaviour changes


Related CVEs


CVE-2015-6563
CVE-2015-6564
CVE-2016-1908
CVE-2015-5352

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (i386) openssh-5.3p1-117.el6.src.rpm7baea3e8138c9587dfacf6e89d5677baELSA-2019-0711
openssh-5.3p1-117.el6.i686.rpm20c99f354a4e0b708a8ba31bc333ed51ELSA-2019-0711
openssh-askpass-5.3p1-117.el6.i686.rpm010634d1e190d4e7d8cfff3e84a7f1d3ELSA-2019-0711
openssh-clients-5.3p1-117.el6.i686.rpm1e105792cc8e6fa123d485b3e4ba204aELSA-2019-0711
openssh-ldap-5.3p1-117.el6.i686.rpm57e5a07ee4e58275ca3ca3157e152060ELSA-2019-0711
openssh-server-5.3p1-117.el6.i686.rpm5cb3aba4dd614e71be5cd66b61837ef5ELSA-2019-0711
pam_ssh_agent_auth-0.9.3-117.el6.i686.rpm86cac9b3611289b5097f9cb746b2e726ELSA-2019-0711
Oracle Linux 6 (x86_64) openssh-5.3p1-117.el6.src.rpm7baea3e8138c9587dfacf6e89d5677baELSA-2019-0711
openssh-5.3p1-117.el6.x86_64.rpm3f23f58626a10f4537bf95ea810ae885ELSA-2019-0711
openssh-askpass-5.3p1-117.el6.x86_64.rpm91239ff52728000e99f4e895799b33beELSA-2019-0711
openssh-clients-5.3p1-117.el6.x86_64.rpmc5656e01d671568e60ea19df17106181ELSA-2019-0711
openssh-ldap-5.3p1-117.el6.x86_64.rpm0f71592c63718f8cdf831729271e4090ELSA-2019-0711
openssh-server-5.3p1-117.el6.x86_64.rpma377b677246c18fd0db5e7a3b93fed12ELSA-2019-0711
pam_ssh_agent_auth-0.9.3-117.el6.i686.rpm86cac9b3611289b5097f9cb746b2e726ELSA-2019-0711
pam_ssh_agent_auth-0.9.3-117.el6.x86_64.rpmbc76de1bc2d728db9ba3430cf7db25eeELSA-2019-0711



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete