ELSA-2024-12164

ULN >
Oracle Linux Errata repository >
ELSA-2024-12164

ELSA-2024-12164 - openssh security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-02-14

Description

[8.0p1-19.0.1.2]
- Update patches for CVE-2023-51385, CVE-2023-48795 [Orabug: 36256632]

[8.0p1-19.2]
- Forbid shell metasymbols in username/hostname
Resolves: CVE-2023-51385
- Fix Terrapin attack
Resolves: CVE-2023-48795

Related CVEs

CVE-2023-48795

CVE-2023-51385

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	openssh-8.0p1-19.0.1.el8_9.2.src.rpm	16fc0be7a40366dbb772840f571b71c9c7595c81bf281b25294b88e34032da0a	-	ol8_aarch64_appstream
	openssh-8.0p1-19.0.1.el8_9.2.src.rpm	16fc0be7a40366dbb772840f571b71c9c7595c81bf281b25294b88e34032da0a	-	ol8_aarch64_baseos_latest
	openssh-8.0p1-19.0.1.el8_9.2.src.rpm	16fc0be7a40366dbb772840f571b71c9c7595c81bf281b25294b88e34032da0a	-	ol8_aarch64_u9_baseos_patch
	openssh-8.0p1-19.0.1.el8_9.2.aarch64.rpm	3896ed16b220f413c7e51cfcf9f348b049e2778b0216c5ca9646bf7b12533c17	-	ol8_aarch64_baseos_latest
	openssh-8.0p1-19.0.1.el8_9.2.aarch64.rpm	3896ed16b220f413c7e51cfcf9f348b049e2778b0216c5ca9646bf7b12533c17	-	ol8_aarch64_u9_baseos_patch
	openssh-askpass-8.0p1-19.0.1.el8_9.2.aarch64.rpm	3b7a7f195d05e0a159dc3ac2bda7e8177a4969eb9f1ebce1073a452cc9b29aec	-	ol8_aarch64_appstream
	openssh-cavs-8.0p1-19.0.1.el8_9.2.aarch64.rpm	95892eb639990867084a1e08f67caad0ce66415f7ed97c4b08e88cffc14ca80f	-	ol8_aarch64_baseos_latest
	openssh-cavs-8.0p1-19.0.1.el8_9.2.aarch64.rpm	95892eb639990867084a1e08f67caad0ce66415f7ed97c4b08e88cffc14ca80f	-	ol8_aarch64_u9_baseos_patch
	openssh-clients-8.0p1-19.0.1.el8_9.2.aarch64.rpm	2ca689d0d5f673de33fe58343ed9a80ac71607d31c152d05d369d9c317ea707c	-	ol8_aarch64_baseos_latest
	openssh-clients-8.0p1-19.0.1.el8_9.2.aarch64.rpm	2ca689d0d5f673de33fe58343ed9a80ac71607d31c152d05d369d9c317ea707c	-	ol8_aarch64_u9_baseos_patch
	openssh-keycat-8.0p1-19.0.1.el8_9.2.aarch64.rpm	b735ca6497cb568a11a238794338bd0adeeb6c64a2ae59f56c5cee061775984d	-	ol8_aarch64_baseos_latest
	openssh-keycat-8.0p1-19.0.1.el8_9.2.aarch64.rpm	b735ca6497cb568a11a238794338bd0adeeb6c64a2ae59f56c5cee061775984d	-	ol8_aarch64_u9_baseos_patch
	openssh-ldap-8.0p1-19.0.1.el8_9.2.aarch64.rpm	7bbb7bb3261cd333a2a1eda064a69e84e0a4a58bccc6095c43ae9a7f9c13f382	-	ol8_aarch64_baseos_latest
	openssh-ldap-8.0p1-19.0.1.el8_9.2.aarch64.rpm	7bbb7bb3261cd333a2a1eda064a69e84e0a4a58bccc6095c43ae9a7f9c13f382	-	ol8_aarch64_u9_baseos_patch
	openssh-server-8.0p1-19.0.1.el8_9.2.aarch64.rpm	65010b6a872ad26817a9b3e5db90ed2c942525d69d53a1161e8e8f9b0eeec4f0	-	ol8_aarch64_baseos_latest
	openssh-server-8.0p1-19.0.1.el8_9.2.aarch64.rpm	65010b6a872ad26817a9b3e5db90ed2c942525d69d53a1161e8e8f9b0eeec4f0	-	ol8_aarch64_u9_baseos_patch
	pam_ssh_agent_auth-0.10.3-7.19.0.1.el8_9.2.aarch64.rpm	e7f39ff1db2f3d122c87154eb70fe562bb2401a0c926b4ccccfc54fef9a6e4ab	-	ol8_aarch64_baseos_latest
	pam_ssh_agent_auth-0.10.3-7.19.0.1.el8_9.2.aarch64.rpm	e7f39ff1db2f3d122c87154eb70fe562bb2401a0c926b4ccccfc54fef9a6e4ab	-	ol8_aarch64_u9_baseos_patch

Oracle Linux 8 (x86_64)	openssh-8.0p1-19.0.1.el8_9.2.src.rpm	16fc0be7a40366dbb772840f571b71c9c7595c81bf281b25294b88e34032da0a	-	ol8_x86_64_appstream
	openssh-8.0p1-19.0.1.el8_9.2.src.rpm	16fc0be7a40366dbb772840f571b71c9c7595c81bf281b25294b88e34032da0a	-	ol8_x86_64_baseos_latest
	openssh-8.0p1-19.0.1.el8_9.2.src.rpm	16fc0be7a40366dbb772840f571b71c9c7595c81bf281b25294b88e34032da0a	-	ol8_x86_64_u9_baseos_patch
	openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm	84dd477f64126d201839aa351cfbd3b732a5b1ad40589d49a5fc62eb858f7983	-	exadata_dbserver_23.1.12.0.0_x86_64_base
	openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm	84dd477f64126d201839aa351cfbd3b732a5b1ad40589d49a5fc62eb858f7983	-	exadata_dbserver_23.1.13.0.0_x86_64_base
	openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm	84dd477f64126d201839aa351cfbd3b732a5b1ad40589d49a5fc62eb858f7983	-	exadata_dbserver_23.1.14.0.0_x86_64_base
	openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm	84dd477f64126d201839aa351cfbd3b732a5b1ad40589d49a5fc62eb858f7983	-	exadata_dbserver_24.1.0.0.0_x86_64_base
	openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm	84dd477f64126d201839aa351cfbd3b732a5b1ad40589d49a5fc62eb858f7983	-	exadata_dbserver_24.1.1.0.0_x86_64_base
	openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm	84dd477f64126d201839aa351cfbd3b732a5b1ad40589d49a5fc62eb858f7983	-	ol8_x86_64_baseos_latest
	openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm	84dd477f64126d201839aa351cfbd3b732a5b1ad40589d49a5fc62eb858f7983	-	ol8_x86_64_u9_baseos_patch
	openssh-askpass-8.0p1-19.0.1.el8_9.2.x86_64.rpm	bde645177c4647f94326bf3e602699e81dba8623a8d86f7cae4f9656d8ed8542	-	ol8_x86_64_appstream
	openssh-cavs-8.0p1-19.0.1.el8_9.2.x86_64.rpm	8dde57a19d0d886d836bc36f8f2bd68d092fba019111af88ba8f4a76d17cbbdd	-	ol8_x86_64_baseos_latest
	openssh-cavs-8.0p1-19.0.1.el8_9.2.x86_64.rpm	8dde57a19d0d886d836bc36f8f2bd68d092fba019111af88ba8f4a76d17cbbdd	-	ol8_x86_64_u9_baseos_patch
	openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm	835f55a131150226c49f1091b173e59c0c6e17d31f9050e0295a902deef1a3e9	-	exadata_dbserver_23.1.12.0.0_x86_64_base
	openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm	835f55a131150226c49f1091b173e59c0c6e17d31f9050e0295a902deef1a3e9	-	exadata_dbserver_23.1.13.0.0_x86_64_base
	openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm	835f55a131150226c49f1091b173e59c0c6e17d31f9050e0295a902deef1a3e9	-	exadata_dbserver_23.1.14.0.0_x86_64_base
	openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm	835f55a131150226c49f1091b173e59c0c6e17d31f9050e0295a902deef1a3e9	-	exadata_dbserver_24.1.0.0.0_x86_64_base
	openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm	835f55a131150226c49f1091b173e59c0c6e17d31f9050e0295a902deef1a3e9	-	exadata_dbserver_24.1.1.0.0_x86_64_base
	openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm	835f55a131150226c49f1091b173e59c0c6e17d31f9050e0295a902deef1a3e9	-	ol8_x86_64_baseos_latest
	openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm	835f55a131150226c49f1091b173e59c0c6e17d31f9050e0295a902deef1a3e9	-	ol8_x86_64_u9_baseos_patch
	openssh-keycat-8.0p1-19.0.1.el8_9.2.x86_64.rpm	17fd329664b5b619a0f004a3b5643621ddb63e4028c70b76ccf496562329d2ed	-	ol8_x86_64_baseos_latest
	openssh-keycat-8.0p1-19.0.1.el8_9.2.x86_64.rpm	17fd329664b5b619a0f004a3b5643621ddb63e4028c70b76ccf496562329d2ed	-	ol8_x86_64_u9_baseos_patch
	openssh-ldap-8.0p1-19.0.1.el8_9.2.x86_64.rpm	2bfdcf9f4c872f96569380668b99a09d4a9e87b92be174165692f6eca2dfb113	-	ol8_x86_64_baseos_latest
	openssh-ldap-8.0p1-19.0.1.el8_9.2.x86_64.rpm	2bfdcf9f4c872f96569380668b99a09d4a9e87b92be174165692f6eca2dfb113	-	ol8_x86_64_u9_baseos_patch
	openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm	d37ff88cf3533876c6fe49865ffd36381ebca8ed6df04909bb5f1e1f08fc1c67	-	exadata_dbserver_23.1.12.0.0_x86_64_base
	openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm	d37ff88cf3533876c6fe49865ffd36381ebca8ed6df04909bb5f1e1f08fc1c67	-	exadata_dbserver_23.1.13.0.0_x86_64_base
	openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm	d37ff88cf3533876c6fe49865ffd36381ebca8ed6df04909bb5f1e1f08fc1c67	-	exadata_dbserver_23.1.14.0.0_x86_64_base
	openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm	d37ff88cf3533876c6fe49865ffd36381ebca8ed6df04909bb5f1e1f08fc1c67	-	exadata_dbserver_24.1.0.0.0_x86_64_base
	openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm	d37ff88cf3533876c6fe49865ffd36381ebca8ed6df04909bb5f1e1f08fc1c67	-	exadata_dbserver_24.1.1.0.0_x86_64_base
	openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm	d37ff88cf3533876c6fe49865ffd36381ebca8ed6df04909bb5f1e1f08fc1c67	-	ol8_x86_64_baseos_latest
	openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm	d37ff88cf3533876c6fe49865ffd36381ebca8ed6df04909bb5f1e1f08fc1c67	-	ol8_x86_64_u9_baseos_patch
	pam_ssh_agent_auth-0.10.3-7.19.0.1.el8_9.2.x86_64.rpm	016d0b4b6cb497d4a044d11ef51882435baa007630286632ad54ec9d14061429	-	ol8_x86_64_baseos_latest
	pam_ssh_agent_auth-0.10.3-7.19.0.1.el8_9.2.x86_64.rpm	016d0b4b6cb497d4a044d11ef51882435baa007630286632ad54ec9d14061429	-	ol8_x86_64_u9_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691