ELSA-2016-3531

ULN >
Oracle Linux Errata repository >
ELSA-2016-3531

ELSA-2016-3531 - openssh security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2016-04-03

Description

[4.3p2-82.0.2]
- CVE-2015-5600: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices (John Haxby) [orabug 22985024]
- CVE-2016-3115: missing sanitisation of input for X11 forwarding (John Haxby) [orabug 22985024]

Related CVEs

CVE-2015-5600

CVE-2016-3115

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 5 (i386)	openssh-4.3p2-82.0.2.el5.src.rpm	11d3e9b21996044a3072687bd44c0571	-
	openssh-4.3p2-82.0.2.el5.i386.rpm	9ea5a8d23538a9d0a6af1919d5272e64	-
	openssh-askpass-4.3p2-82.0.2.el5.i386.rpm	06e4906ae777a2888833581d47ed28dd	-
	openssh-clients-4.3p2-82.0.2.el5.i386.rpm	35204fed02bbbac07f5f27ebf3e97641	-
	openssh-server-4.3p2-82.0.2.el5.i386.rpm	f6da6b684a335ae6ff4da7e6c6267187	-

Oracle Linux 5 (ia64)	openssh-4.3p2-82.0.2.el5.src.rpm	11d3e9b21996044a3072687bd44c0571	-
	openssh-4.3p2-82.0.2.el5.ia64.rpm	28089d4539fc6cf28d0c427cc22e8347	-
	openssh-askpass-4.3p2-82.0.2.el5.ia64.rpm	a592e9288d7ffbf4c16c7858d828928e	-
	openssh-clients-4.3p2-82.0.2.el5.ia64.rpm	d8353d325e6150ca6c617daca0353c01	-
	openssh-server-4.3p2-82.0.2.el5.ia64.rpm	4c21fa0284e30eaa091f4701bbb8016e	-

Oracle Linux 5 (x86_64)	openssh-4.3p2-82.0.2.el5.src.rpm	11d3e9b21996044a3072687bd44c0571	-
	openssh-4.3p2-82.0.2.el5.x86_64.rpm	5e5dcad6d25b1708f216f566137f8b49	-
	openssh-askpass-4.3p2-82.0.2.el5.x86_64.rpm	019be3a5265cb6a8113d06112b2992fe	-
	openssh-clients-4.3p2-82.0.2.el5.x86_64.rpm	06c05d4a4b68a118fd5287d3ec3fa2f2	-
	openssh-server-4.3p2-82.0.2.el5.x86_64.rpm	445304530f1ce31280fd5ffcbb0e2b16	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691