ELSA-2021-4368

ELSA-2021-4368 - openssh security update

Type:SECURITY
Impact:MODERATE
Release Date:2021-11-16

Description


[8.0p1-10]
- sshd -T requires -C when 'Match' is used in sshd_config (#1836277)

[8.0p1-9]
- CVE-2020-14145 openssh: Observable Discrepancy leading to an information
leak in the algorithm negotiation (#1882252)
- Hostbased ssh authentication fails if session ID contains a '/' (#1944125)

[8.0p1-8]
- ssh doesnt restore the blocking mode on standard output (#1942901)

[8.0p1-7 + 0.10.3-7]
- SFTP sort upon the modification time (#1909988)
- ssh-keygen printing fingerprint issue with Windows keys (#1901518)
- PIN is lost when iterating over tokens when adding pkcs11 keys to ssh-agent (#1843372)
- ssh-agent segfaults during ssh-add -s pkcs11 (#1868996)
- ssh-copy-id could not resolve ipv6 address ends with colon (#1933517)
- sshd provides PAM an incorrect error code (#1879503)


Related CVEs


CVE-2020-14145

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) openssh-8.0p1-10.el8.src.rpm4a74556994e53783f8fbbfc85b6e7e17f0b6e355342ade6f52d0c92e1e3a470f-ol8_aarch64_appstream
openssh-8.0p1-10.el8.src.rpm4a74556994e53783f8fbbfc85b6e7e17f0b6e355342ade6f52d0c92e1e3a470f-ol8_aarch64_baseos_latest
openssh-8.0p1-10.el8.src.rpm4a74556994e53783f8fbbfc85b6e7e17f0b6e355342ade6f52d0c92e1e3a470f-ol8_aarch64_u5_baseos_base
openssh-8.0p1-10.el8.aarch64.rpm5aafae8d2ef58b15ead6983b32bf455a4751af67a6379c4893ab9503e6bc7dcb-ol8_aarch64_baseos_latest
openssh-8.0p1-10.el8.aarch64.rpm5aafae8d2ef58b15ead6983b32bf455a4751af67a6379c4893ab9503e6bc7dcb-ol8_aarch64_u5_baseos_base
openssh-askpass-8.0p1-10.el8.aarch64.rpm1f22227e4e4e9bca81a78ff693331a63ed7ed06a1ea612833b85a3ee1f8864a5-ol8_aarch64_appstream
openssh-cavs-8.0p1-10.el8.aarch64.rpm4d311402d978a91b22fdf0b2538dbcbd96b60ae99750f27eda049053c7d2fa85-ol8_aarch64_baseos_latest
openssh-cavs-8.0p1-10.el8.aarch64.rpm4d311402d978a91b22fdf0b2538dbcbd96b60ae99750f27eda049053c7d2fa85-ol8_aarch64_u5_baseos_base
openssh-clients-8.0p1-10.el8.aarch64.rpm8ee0a1309751cc8ac9c07f011bd8e6391491ed4895531844c31e7a9640b65c8b-ol8_aarch64_baseos_latest
openssh-clients-8.0p1-10.el8.aarch64.rpm8ee0a1309751cc8ac9c07f011bd8e6391491ed4895531844c31e7a9640b65c8b-ol8_aarch64_u5_baseos_base
openssh-keycat-8.0p1-10.el8.aarch64.rpmbcca20ed089efa289a9ac7119685f2fe62f5199bb9c3642e2a2bd6125893d0d2-ol8_aarch64_baseos_latest
openssh-keycat-8.0p1-10.el8.aarch64.rpmbcca20ed089efa289a9ac7119685f2fe62f5199bb9c3642e2a2bd6125893d0d2-ol8_aarch64_u5_baseos_base
openssh-ldap-8.0p1-10.el8.aarch64.rpm30ad4e3b6310a160a3fe70b7b4a9ae2582c873fea452747909a23e155a0b5c70-ol8_aarch64_baseos_latest
openssh-ldap-8.0p1-10.el8.aarch64.rpm30ad4e3b6310a160a3fe70b7b4a9ae2582c873fea452747909a23e155a0b5c70-ol8_aarch64_u5_baseos_base
openssh-server-8.0p1-10.el8.aarch64.rpm2e8623057ca2c89e73ae7974ff1e358f74398d1e86df4df8b75ee119753ac842-ol8_aarch64_baseos_latest
openssh-server-8.0p1-10.el8.aarch64.rpm2e8623057ca2c89e73ae7974ff1e358f74398d1e86df4df8b75ee119753ac842-ol8_aarch64_u5_baseos_base
pam_ssh_agent_auth-0.10.3-7.10.el8.aarch64.rpm36b283623d88ec8bd16c0b95b3cb7919787e2abfc0ed1666b61608eac6585d17-ol8_aarch64_baseos_latest
pam_ssh_agent_auth-0.10.3-7.10.el8.aarch64.rpm36b283623d88ec8bd16c0b95b3cb7919787e2abfc0ed1666b61608eac6585d17-ol8_aarch64_u5_baseos_base
Oracle Linux 8 (x86_64) openssh-8.0p1-10.el8.src.rpm4a74556994e53783f8fbbfc85b6e7e17f0b6e355342ade6f52d0c92e1e3a470f-ol8_x86_64_appstream
openssh-8.0p1-10.el8.src.rpm4a74556994e53783f8fbbfc85b6e7e17f0b6e355342ade6f52d0c92e1e3a470f-ol8_x86_64_baseos_latest
openssh-8.0p1-10.el8.src.rpm4a74556994e53783f8fbbfc85b6e7e17f0b6e355342ade6f52d0c92e1e3a470f-ol8_x86_64_u5_baseos_base
openssh-8.0p1-10.el8.x86_64.rpm2a4b7495b582dbbcf5cb2f46502188543f9605121c3deee021a20f7f533707a7-ol8_x86_64_baseos_latest
openssh-8.0p1-10.el8.x86_64.rpm2a4b7495b582dbbcf5cb2f46502188543f9605121c3deee021a20f7f533707a7-ol8_x86_64_u5_baseos_base
openssh-askpass-8.0p1-10.el8.x86_64.rpmaebe0de3a4d9c9c52c6cd62f737e7534e28e1a26bb55c909d834169156c5330b-ol8_x86_64_appstream
openssh-cavs-8.0p1-10.el8.x86_64.rpme6e742ef4666811b9149ee7708303fd7586fcb29a93da074f62fb7f41138bbf4-ol8_x86_64_baseos_latest
openssh-cavs-8.0p1-10.el8.x86_64.rpme6e742ef4666811b9149ee7708303fd7586fcb29a93da074f62fb7f41138bbf4-ol8_x86_64_u5_baseos_base
openssh-clients-8.0p1-10.el8.x86_64.rpmdd24a103ffc54e1f2c6b06eef5b08bfe83b9555cecff1f1f1d6f572b115320fb-ol8_x86_64_baseos_latest
openssh-clients-8.0p1-10.el8.x86_64.rpmdd24a103ffc54e1f2c6b06eef5b08bfe83b9555cecff1f1f1d6f572b115320fb-ol8_x86_64_u5_baseos_base
openssh-keycat-8.0p1-10.el8.x86_64.rpm21725da573337564be97771736948d408cefd07c68629a598f4d6d491854b887-ol8_x86_64_baseos_latest
openssh-keycat-8.0p1-10.el8.x86_64.rpm21725da573337564be97771736948d408cefd07c68629a598f4d6d491854b887-ol8_x86_64_u5_baseos_base
openssh-ldap-8.0p1-10.el8.x86_64.rpm887e15f73673801b14225b74f7bcc856e538fb1a4caab29cf92db39964c61684-ol8_x86_64_baseos_latest
openssh-ldap-8.0p1-10.el8.x86_64.rpm887e15f73673801b14225b74f7bcc856e538fb1a4caab29cf92db39964c61684-ol8_x86_64_u5_baseos_base
openssh-server-8.0p1-10.el8.x86_64.rpm3ca7503c61c8eaef81d131fa6ab093fad8ef9fed81b7436f720682c0737ad2f6-ol8_x86_64_baseos_latest
openssh-server-8.0p1-10.el8.x86_64.rpm3ca7503c61c8eaef81d131fa6ab093fad8ef9fed81b7436f720682c0737ad2f6-ol8_x86_64_u5_baseos_base
pam_ssh_agent_auth-0.10.3-7.10.el8.x86_64.rpmc20bcbd3aee89a21ecec3907cc88452fdd921df76b2950aa1a1bc39971363813-ol8_x86_64_baseos_latest
pam_ssh_agent_auth-0.10.3-7.10.el8.x86_64.rpmc20bcbd3aee89a21ecec3907cc88452fdd921df76b2950aa1a1bc39971363813-ol8_x86_64_u5_baseos_base



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete