Stay Connected:

ELSA-2016-2588

ELSA-2016-2588 - openssh security, bug fix, and enhancement update

Type:SECURITY
Impact:MODERATE
Release Date:2016-11-09

Description


[6.6.1p1-31 + 0.9.3-9]
- Do not depend on selinux-policy (#1373297)

[6.6.1p1-30 + 0.9.3-9]
- Drop dependency on libcap-ng for ssh-keycat (#1357859)

[6.6.1p1-29 + 0.9.3-9]
- Rework SELinux context handling with chroot using libcap-ng (#1357859)

[6.6.1p1-28 + 0.9.3-9]
- SFTP force permission collision with umask (#1344614)
- Make closefrom() ignore FD's to /dev/ devices on s390 (#1318760)
- Create a default value for AuthenticationMethods any (#1237129)
- Fix ssh-copy-id with LogLevel=quiet (#1349556)
- Expose more information to PAM (#1312304)
- Move MAX_DISPLAYS to a configuration option (#1341302)
- Add a wildcard option to PermitOpen directive (host) (#1344106)

[6.6.1p1-27 + 0.9.3-9]
- Coverity and RPMDiff build issues (#1334326)
- CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes (#1329191)
- Check for real location of .k5login file (#1328243)
- close ControlPersist background process stderr (#1335540)

[6.6.1p1-26 + 0.9.3-9]
- Drop glob patch for sftp client preventing listing many files (#1310303)
- Fix race condition between audit messages from different processes (#1310684)
- Make systemd service forking to properly report state (#1291172)
- Get rid of rpm triggers for openssh-5.x (#1312013)
- Generate the host keys when the key files are empty (#1266043)
- pam_ssh_agent_auth: authorized_keys_command option (#1317858)
- Don't use MD5 digest from pam_ssh_agent_auth in FIPS mode (#1317952)


Related CVEs


CVE-2015-8325

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (x86_64) openssh-6.6.1p1-31.el7.src.rpm717f2a8a22aeb73eda97e53f46b4cfd36eee9845adbff07f2db3324a89b657f0ELSA-2024-12233ol7_x86_64_latest_archive
openssh-6.6.1p1-31.el7.src.rpm717f2a8a22aeb73eda97e53f46b4cfd36eee9845adbff07f2db3324a89b657f0ELSA-2024-12233ol7_x86_64_optional_archive
openssh-6.6.1p1-31.el7.src.rpm717f2a8a22aeb73eda97e53f46b4cfd36eee9845adbff07f2db3324a89b657f0ELSA-2024-12233ol7_x86_64_u3_base
openssh-6.6.1p1-31.el7.x86_64.rpmdd789103b213880f7a175f311f85b563ea3751ac104e0a0b44c6e635ef26b63bELSA-2024-12233ol7_x86_64_latest_archive
openssh-6.6.1p1-31.el7.x86_64.rpmdd789103b213880f7a175f311f85b563ea3751ac104e0a0b44c6e635ef26b63bELSA-2024-12233ol7_x86_64_u3_base
openssh-askpass-6.6.1p1-31.el7.x86_64.rpm81503cd4bba7ce140c6ef2b5402aa3d3815ae0a736739ed8125e212d1744d08dELSA-2024-12233ol7_x86_64_latest_archive
openssh-askpass-6.6.1p1-31.el7.x86_64.rpm81503cd4bba7ce140c6ef2b5402aa3d3815ae0a736739ed8125e212d1744d08dELSA-2024-12233ol7_x86_64_u3_base
openssh-clients-6.6.1p1-31.el7.x86_64.rpm5da4d6afc580602b297a8da10ccf467687f6bd5b75500b125acb21c11bba394cELSA-2024-12233ol7_x86_64_latest_archive
openssh-clients-6.6.1p1-31.el7.x86_64.rpm5da4d6afc580602b297a8da10ccf467687f6bd5b75500b125acb21c11bba394cELSA-2024-12233ol7_x86_64_u3_base
openssh-keycat-6.6.1p1-31.el7.x86_64.rpm4ed2c4bb9a1bbfb5ab71e5475b8c0bd75fa7a2407139e3a71b7d4c9b029039d6ELSA-2024-12233ol7_x86_64_latest_archive
openssh-keycat-6.6.1p1-31.el7.x86_64.rpm4ed2c4bb9a1bbfb5ab71e5475b8c0bd75fa7a2407139e3a71b7d4c9b029039d6ELSA-2024-12233ol7_x86_64_u3_base
openssh-ldap-6.6.1p1-31.el7.x86_64.rpm834c0e374c4f79ac77efc8d65bf99d28d0f23ba4a00cc179c96cf5979984aee9ELSA-2024-12233ol7_x86_64_optional_archive
openssh-server-6.6.1p1-31.el7.x86_64.rpm047b872d2bc7e5c0c5322412311a23db62e9d278f4628f5ba902c3805fcfc7f6ELSA-2024-12233ol7_x86_64_latest_archive
openssh-server-6.6.1p1-31.el7.x86_64.rpm047b872d2bc7e5c0c5322412311a23db62e9d278f4628f5ba902c3805fcfc7f6ELSA-2024-12233ol7_x86_64_u3_base
openssh-server-sysvinit-6.6.1p1-31.el7.x86_64.rpm283235e53f5449785d05721ea4fd42b680f6846957134547e31eccfab1a401a9ELSA-2024-12233ol7_x86_64_optional_archive
pam_ssh_agent_auth-0.9.3-9.31.el7.i686.rpm1fe5219ceb212a91939444c068262d711c777efe21800bff5a0ebfc5b807caefELSA-2024-12233ol7_x86_64_optional_archive
pam_ssh_agent_auth-0.9.3-9.31.el7.x86_64.rpm1c03bf74a7381e79d4ffd1e7fd7030e20f7be7f75ba19cf5c06341efd004a86eELSA-2024-12233ol7_x86_64_optional_archive



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights