ELSA-2024-12158

ULN >
Oracle Linux Errata repository >
ELSA-2024-12158

ELSA-2024-12158 - openssh security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-02-13

Description

[7.4p1-23.0.3]
- add KEX_INITIAL flag [Orabug: 36160445]
- implement 'strict key exchange' [CVE-2023-48795][Orabug: 36160445]

Related CVEs

CVE-2023-48795

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	openssh-7.4p1-23.0.3.el7_9.src.rpm	02795d91a11c92f6fa9a027f746f3f25	-	ol7_aarch64_latest
	openssh-7.4p1-23.0.3.el7_9.src.rpm	02795d91a11c92f6fa9a027f746f3f25	-	ol7_aarch64_optional_latest
	openssh-7.4p1-23.0.3.el7_9.src.rpm	02795d91a11c92f6fa9a027f746f3f25	-	ol7_aarch64_u9_patch
	openssh-7.4p1-23.0.3.el7_9.aarch64.rpm	9b7c8c08d6ddd1503e73d57067df5b3f	-	ol7_aarch64_latest
	openssh-7.4p1-23.0.3.el7_9.aarch64.rpm	9b7c8c08d6ddd1503e73d57067df5b3f	-	ol7_aarch64_u9_patch
	openssh-askpass-7.4p1-23.0.3.el7_9.aarch64.rpm	743010ed145b726b9559eb8b1679fd23	-	ol7_aarch64_latest
	openssh-askpass-7.4p1-23.0.3.el7_9.aarch64.rpm	743010ed145b726b9559eb8b1679fd23	-	ol7_aarch64_u9_patch
	openssh-cavs-7.4p1-23.0.3.el7_9.aarch64.rpm	106586c08b6c3c04e0bdd4811ca4a176	-	ol7_aarch64_optional_latest
	openssh-clients-7.4p1-23.0.3.el7_9.aarch64.rpm	638c04dd9efaa66f4ffbd8aeb46cc0e1	-	ol7_aarch64_latest
	openssh-clients-7.4p1-23.0.3.el7_9.aarch64.rpm	638c04dd9efaa66f4ffbd8aeb46cc0e1	-	ol7_aarch64_u9_patch
	openssh-keycat-7.4p1-23.0.3.el7_9.aarch64.rpm	1665673fc405cce1ab97e97b1b11b985	-	ol7_aarch64_latest
	openssh-keycat-7.4p1-23.0.3.el7_9.aarch64.rpm	1665673fc405cce1ab97e97b1b11b985	-	ol7_aarch64_u9_patch
	openssh-ldap-7.4p1-23.0.3.el7_9.aarch64.rpm	5affd7546b9bee5c6225527461b18371	-	ol7_aarch64_optional_latest
	openssh-server-7.4p1-23.0.3.el7_9.aarch64.rpm	f7ae9505931203f898bf11a8fc5c882c	-	ol7_aarch64_latest
	openssh-server-7.4p1-23.0.3.el7_9.aarch64.rpm	f7ae9505931203f898bf11a8fc5c882c	-	ol7_aarch64_u9_patch
	openssh-server-sysvinit-7.4p1-23.0.3.el7_9.aarch64.rpm	8f64d48972d9bf72471615f9e26a82bc	-	ol7_aarch64_optional_latest
	pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.aarch64.rpm	3527a4b9931583edde78948f5f1867f4	-	ol7_aarch64_optional_latest

Oracle Linux 7 (x86_64)	openssh-7.4p1-23.0.3.el7_9.src.rpm	02795d91a11c92f6fa9a027f746f3f25	-	ol7_x86_64_latest
	openssh-7.4p1-23.0.3.el7_9.src.rpm	02795d91a11c92f6fa9a027f746f3f25	-	ol7_x86_64_optional_latest
	openssh-7.4p1-23.0.3.el7_9.src.rpm	02795d91a11c92f6fa9a027f746f3f25	-	ol7_x86_64_u9_patch
	openssh-7.4p1-23.0.3.el7_9.x86_64.rpm	69f7d4cee977cdf3a271e0d7d494734d	-	ol7_x86_64_latest
	openssh-7.4p1-23.0.3.el7_9.x86_64.rpm	69f7d4cee977cdf3a271e0d7d494734d	-	ol7_x86_64_u9_patch
	openssh-askpass-7.4p1-23.0.3.el7_9.x86_64.rpm	930ccaa5ac1783d5e3d8adf8bdcda5a6	-	ol7_x86_64_latest
	openssh-askpass-7.4p1-23.0.3.el7_9.x86_64.rpm	930ccaa5ac1783d5e3d8adf8bdcda5a6	-	ol7_x86_64_u9_patch
	openssh-cavs-7.4p1-23.0.3.el7_9.x86_64.rpm	aefbf85a09b19656289859c398187d4a	-	ol7_x86_64_optional_latest
	openssh-clients-7.4p1-23.0.3.el7_9.x86_64.rpm	b177306251586d1cdf8440df0f676455	-	ol7_x86_64_latest
	openssh-clients-7.4p1-23.0.3.el7_9.x86_64.rpm	b177306251586d1cdf8440df0f676455	-	ol7_x86_64_u9_patch
	openssh-keycat-7.4p1-23.0.3.el7_9.x86_64.rpm	ba1fbffc5848603f7926450b427dfb22	-	ol7_x86_64_latest
	openssh-keycat-7.4p1-23.0.3.el7_9.x86_64.rpm	ba1fbffc5848603f7926450b427dfb22	-	ol7_x86_64_u9_patch
	openssh-ldap-7.4p1-23.0.3.el7_9.x86_64.rpm	3fbeb9876ae0722d2bbce75a1b7438fd	-	ol7_x86_64_optional_latest
	openssh-server-7.4p1-23.0.3.el7_9.x86_64.rpm	2a661c4cfe57e860e1bd49e34a9ebd22	-	ol7_x86_64_latest
	openssh-server-7.4p1-23.0.3.el7_9.x86_64.rpm	2a661c4cfe57e860e1bd49e34a9ebd22	-	ol7_x86_64_u9_patch
	openssh-server-sysvinit-7.4p1-23.0.3.el7_9.x86_64.rpm	f74d2d887c1c5bd11d9019e99d87e377	-	ol7_x86_64_optional_latest
	pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.i686.rpm	67a1b941197a0107171b57bc68bec899	-	ol7_x86_64_optional_latest
	pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.x86_64.rpm	afe34884263cec0a0d2a5b064fc1ede9	-	ol7_x86_64_optional_latest

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691