ELSA-2023-12711

ULN >
Oracle Linux Errata repository >
ELSA-2023-12711

ELSA-2023-12711 - openssh security update

Type:	SECURITY
Severity:	CRITICAL
Release Date:	2023-08-10

Description

[7.4p1-23.0.1_fips]
- Change Epoch from 1 to 10
- Enable fips KDF POST [Orabug: 32461750]
- Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739]

[7.4p1-23.0.1]
- enlarge format buffer size for certificate serial
number so the log message can record any 64-bit integer without
truncation (openssh bz#3012) [Orabug: 30448895]

[7.4p1-23 + 0.10.3-2]
- Avoid remote code execution in ssh-agent PKCS#11 support
Resolves: CVE-2023-38408

Related CVEs

CVE-2023-38408

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (aarch64)	openssh-7.4p1-23.0.1.el7_9_fips.src.rpm	987f51bdeb28dabbcc9d983ffe78228e	-
	openssh-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	59ca02c0844260f00b37f752207c29a8	-
	openssh-askpass-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	6ca99af670aa223b98ea09cdb57d36c7	-
	openssh-cavs-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	723c6b0e4a1cb83ee0cf43aec394820d	-
	openssh-clients-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	8e834e0682fceddc94e5ce51e86890ce	-
	openssh-keycat-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	5b75e103cff501a8cbc288c8bd5446b4	-
	openssh-ldap-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	70418b8e07acbb3cfea74aa86ddcc3bf	-
	openssh-server-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	da3488e999e792ea789eff5274d2a68c	-
	openssh-server-sysvinit-7.4p1-23.0.1.el7_9_fips.aarch64.rpm	4b759057d44bcd3578c30edfe1dae164	-
	pam_ssh_agent_auth-0.10.3-2.23.0.1.el7_9_fips.aarch64.rpm	7c50bc5bfc1e652e826e797ce82abe44	-

Oracle Linux 7 (x86_64)	openssh-7.4p1-23.0.1.el7_9_fips.src.rpm	987f51bdeb28dabbcc9d983ffe78228e	-
	openssh-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	2c28dfe65dd6b252b404202b3b495f5d	-
	openssh-askpass-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	b631f493c5aa3bd41f0b8f6bed70a848	-
	openssh-cavs-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	3443e9e190a24f2394a9fd5d23768f86	-
	openssh-clients-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	eadace3143650b13da6efd8b01684637	-
	openssh-keycat-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	972b86539528bd82e592e9a6398a32a2	-
	openssh-ldap-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	522f1880947596ac9554ccc4c6581c1c	-
	openssh-server-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	cf63e29ec75ec9b8bda75eb7f64d1df5	-
	openssh-server-sysvinit-7.4p1-23.0.1.el7_9_fips.x86_64.rpm	6f11b84600d47c99f95cd3c38c4846e0	-
	pam_ssh_agent_auth-0.10.3-2.23.0.1.el7_9_fips.i686.rpm	c868926cb91f0cb451ea7219564840bb	-
	pam_ssh_agent_auth-0.10.3-2.23.0.1.el7_9_fips.x86_64.rpm	ca83894f25bcd9627231f5f649bf86ad	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691