ELSA-2019-3702
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-3702
ELSA-2019-3702 - openssh security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2019-11-14 |
Description
[8.0p1-3 + 0.10.3-7]
- Fix typos in manual pages (#1668325)
- Use the upstream support for PKCS#8 PEM files alongside with the legacy PEM files (#1712436)
- Unbreak ssh-keygen -A in FIPS mode (#1732424)
- Add missing RSA certificate types to offered hostkey types in FIPS mode (#1732449)
[8.0p1-2 + 0.10.3-7]
- Allow specifying a pin-value in PKCS #11 URI in ssh-add (#1639698)
- Whitelist another syscall variant for s390x cryptographic module (ibmca engine) (#1714915)
[8.0p1-1 + 0.10.3-7]
- New upstream release (#1691045)
- Remove support for unused VendorPatchLevel configuration option
- Fix kerberos cleanup procedures (#1683295)
- Do not negotiate arbitrary primes with DH GEX in FIPS (#1685096)
- Several GSSAPI key exchange improvements and sync with Debian
- Allow to use labels in PKCS#11 URIs even if they do not match on private key (#1671262)
- Do not fall back to sshd_net_t SELinux context (#1678695)
- Use FIPS compliant high-level signature OpenSSL API and KDF
- Mention crypto-policies in manual pages
- Do not fail if non-FIPS approved algorithm is enabled in FIPS
- Generate the PEM files in new PKCS#8 format without the need of MD5 (#1712436)
Related CVEs
| CVE-2018-20685 |
| CVE-2019-6109 |
| CVE-2019-6111 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 8 (aarch64) | openssh-8.0p1-3.el8.src.rpm | 48c18495c4a1509767db1a8451fd8b14 | - |
| openssh-8.0p1-3.el8.aarch64.rpm | d86df808c9769deeeae707756b9dc960 | - | |
| openssh-askpass-8.0p1-3.el8.aarch64.rpm | 2e01514cdc3ece3a136be20829d20e44 | - | |
| openssh-cavs-8.0p1-3.el8.aarch64.rpm | 9426302a7ae8486bfdd518654c915636 | - | |
| openssh-clients-8.0p1-3.el8.aarch64.rpm | 07b9c37ac84dad9bd06648eaadd9fd08 | - | |
| openssh-keycat-8.0p1-3.el8.aarch64.rpm | 42f31b97228249a23bfc4807fe36a6b5 | - | |
| openssh-ldap-8.0p1-3.el8.aarch64.rpm | 623c6d198a1b3a776b638b5c51364bb0 | - | |
| openssh-server-8.0p1-3.el8.aarch64.rpm | 66c10d10d5cec786aa948a300a835319 | - | |
| pam_ssh_agent_auth-0.10.3-7.3.el8.aarch64.rpm | 65d2dfe0bc9f4a584ae52fa688fa2a47 | - | |
| Oracle Linux 8 (x86_64) | openssh-8.0p1-3.el8.src.rpm | 48c18495c4a1509767db1a8451fd8b14 | - |
| openssh-8.0p1-3.el8.x86_64.rpm | 1da3dc489118d7d9263a61e9bacac751 | - | |
| openssh-askpass-8.0p1-3.el8.x86_64.rpm | 0abecefa265e0161dbdba3186db4c5aa | - | |
| openssh-cavs-8.0p1-3.el8.x86_64.rpm | 9b6ed33235faa2f6d443aa37b337a338 | - | |
| openssh-clients-8.0p1-3.el8.x86_64.rpm | 226f11dbdc0d89577aec5944234fa078 | - | |
| openssh-keycat-8.0p1-3.el8.x86_64.rpm | 51555e1441c6eaefeaf3db51e693a57e | - | |
| openssh-ldap-8.0p1-3.el8.x86_64.rpm | 7c7d5f50666eee208ea4b81d98f4a903 | - | |
| openssh-server-8.0p1-3.el8.x86_64.rpm | f550f4dac4e0786a96168a985461fb0e | - | |
| pam_ssh_agent_auth-0.10.3-7.3.el8.x86_64.rpm | dfc3693996ba735e88437378ecbaf2bc | - | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
