Stay Connected:

ELSA-2024-12232

ELSA-2024-12232 - openssh security update

Type:SECURITY
Impact:MODERATE
Release Date:2024-03-19

Description


[7.4p1-23.0.3_fips]
- Change Epoch from 1 to 10
- Enable fips KDF POST [Orabug: 32461750]
- Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739]

[7.4p1-23.0.3]
- add KEX_INITIAL flag [Orabug: 36160445]
- implement 'strict key exchange' [CVE-2023-48795][Orabug: 36160445]


Related CVEs


CVE-2023-48795

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 7 (aarch64) openssh-7.4p1-23.0.3.el7_9_fips.src.rpm8a0de4efc44f695c4b5dced839a8233a7760764d659dddf6d6d8262836dbc5d7-ol7_aarch64_u8_security_validation
openssh-7.4p1-23.0.3.el7_9_fips.aarch64.rpm0aee085fdd599b47b2539e382ff6aa5c31b48d5e521a097a1b7ec1d0114c5aa9-ol7_aarch64_u8_security_validation
openssh-askpass-7.4p1-23.0.3.el7_9_fips.aarch64.rpm19401dbf1933fbdf56caed21dec3794575f0ed7fd9abe4b56a599a277b409a61-ol7_aarch64_u8_security_validation
openssh-cavs-7.4p1-23.0.3.el7_9_fips.aarch64.rpm7ea27265c07cd06df345cb6d8f4e0e503aa5bd2d3a13cece37c51193478c9726-ol7_aarch64_u8_security_validation
openssh-clients-7.4p1-23.0.3.el7_9_fips.aarch64.rpm20a1d89b53e99beb886ab4f41f0c9fcdd81d48a3b6632346a9ba295e964674c7-ol7_aarch64_u8_security_validation
openssh-keycat-7.4p1-23.0.3.el7_9_fips.aarch64.rpmb547678ccd693c2198f6d81854dbdfa659d6cb8adebe648e3f5085235f280479-ol7_aarch64_u8_security_validation
openssh-ldap-7.4p1-23.0.3.el7_9_fips.aarch64.rpm5202a9a889646d5058894e9b39d955822a2a75e14c5681c18f65ba213530a0df-ol7_aarch64_u8_security_validation
openssh-server-7.4p1-23.0.3.el7_9_fips.aarch64.rpm7c34667833670a8daab40c550b61c5772216675070864d89ab9b56bbfbe98cda-ol7_aarch64_u8_security_validation
openssh-server-sysvinit-7.4p1-23.0.3.el7_9_fips.aarch64.rpmeb5850ae155d6e985ddb1b8bb36bf552118d45e631908e8845fd289d3b8f637b-ol7_aarch64_u8_security_validation
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9_fips.aarch64.rpmc639bccd8bb7df260f73c4823dfee7e1474fab4d0c5ea26a2b3c1b26cac0d00a-ol7_aarch64_u8_security_validation
Oracle Linux 7 (x86_64) openssh-7.4p1-23.0.3.el7_9_fips.src.rpm8a0de4efc44f695c4b5dced839a8233a7760764d659dddf6d6d8262836dbc5d7-ol7_x86_64_u8_security_validation
openssh-7.4p1-23.0.3.el7_9_fips.x86_64.rpmca8ed5736237ff484366a9b7e429016b9719101e53d162c73681e2850b19fb2f-ol7_x86_64_u8_security_validation
openssh-askpass-7.4p1-23.0.3.el7_9_fips.x86_64.rpm1d5953f97a1165eb28aff1b48a0acf901fdcb4ba4d10f5e7bdc2ea5579f5ad7a-ol7_x86_64_u8_security_validation
openssh-cavs-7.4p1-23.0.3.el7_9_fips.x86_64.rpmd5a237eeecb530eb819bae03126351aba624f5fee16a0455bfae327c5be21868-ol7_x86_64_u8_security_validation
openssh-clients-7.4p1-23.0.3.el7_9_fips.x86_64.rpme77a2a097a3ef0f6bcfd46e71a68da9d4be370dd2092f75609568c27aa5f5e78-ol7_x86_64_u8_security_validation
openssh-keycat-7.4p1-23.0.3.el7_9_fips.x86_64.rpm0ac4219100932c463a55b4172d7f15d037385ba50871089f037a48c5087eb910-ol7_x86_64_u8_security_validation
openssh-ldap-7.4p1-23.0.3.el7_9_fips.x86_64.rpme3ca8e754ef43fea78941ae34060514978d200bb8a4d689cf3f43f990b2e22e2-ol7_x86_64_u8_security_validation
openssh-server-7.4p1-23.0.3.el7_9_fips.x86_64.rpmcf340124890743c02fc28122a08268c705b5c882b6a7a181df0ad80f0c4b86f6-ol7_x86_64_u8_security_validation
openssh-server-sysvinit-7.4p1-23.0.3.el7_9_fips.x86_64.rpmd2fcbeba93ab0bd4b4ffe18597aee70b00c2da30c7cc266d860ae9d713f3b10a-ol7_x86_64_u8_security_validation
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9_fips.i686.rpmc07cca159902c6a4c73c2b3d469e0966b991932269f960ec778c44d53722579e-ol7_x86_64_u8_security_validation
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9_fips.x86_64.rpmd917cdac0d2b8f8e312d5aaedbd5a65b58168930ed6cea28f69517ee6e03b9df-ol7_x86_64_u8_security_validation



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights