ELSA-2024-12232

ULN >
Oracle Linux Errata repository >
ELSA-2024-12232

ELSA-2024-12232 - openssh security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2024-03-19

Description

[7.4p1-23.0.3_fips]
- Change Epoch from 1 to 10
- Enable fips KDF POST [Orabug: 32461750]
- Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739]

[7.4p1-23.0.3]
- add KEX_INITIAL flag [Orabug: 36160445]
- implement 'strict key exchange' [CVE-2023-48795][Orabug: 36160445]

Related CVEs

CVE-2023-48795

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory	Channel Label

Oracle Linux 7 (aarch64)	openssh-7.4p1-23.0.3.el7_9_fips.src.rpm	d9f15ca3383dd7ad9810e19632b97f9c	-	ol7_aarch64_u8_security_validation
	openssh-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	eb12b7e3676c5bcced4f1bc1c17d1052	-	ol7_aarch64_u8_security_validation
	openssh-askpass-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	5e7676d3987cc51b15ecc1d00f3c8560	-	ol7_aarch64_u8_security_validation
	openssh-cavs-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	beccd0f804fe2f5b2298b5066b67d671	-	ol7_aarch64_u8_security_validation
	openssh-clients-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	52854fed3ccbbad52d92ef64bec2256c	-	ol7_aarch64_u8_security_validation
	openssh-keycat-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	2be0f2544ded028292c01d3bc21a3fe4	-	ol7_aarch64_u8_security_validation
	openssh-ldap-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	11d72a8305f10dc3013542a448650026	-	ol7_aarch64_u8_security_validation
	openssh-server-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	febca845c474dfa475520ec3cfd94507	-	ol7_aarch64_u8_security_validation
	openssh-server-sysvinit-7.4p1-23.0.3.el7_9_fips.aarch64.rpm	9706c257b8ad83f5362a57ae02b447b2	-	ol7_aarch64_u8_security_validation
	pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9_fips.aarch64.rpm	3e9df918fd205e559968a413b04c83da	-	ol7_aarch64_u8_security_validation

Oracle Linux 7 (x86_64)	openssh-7.4p1-23.0.3.el7_9_fips.src.rpm	9397f066880d389254ffcf6580649a4a	-	ol7_x86_64_u8_security_validation
	openssh-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	6b2c1c475d2d37f62c04eedfccb4f6cc	-	ol7_x86_64_u8_security_validation
	openssh-askpass-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	c7bcbc4f7bdb931dc23bf111d369f599	-	ol7_x86_64_u8_security_validation
	openssh-cavs-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	98bab87428ca68f1bc6822f2566fd6c5	-	ol7_x86_64_u8_security_validation
	openssh-clients-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	1f0b58554f2dc0fccf322dc4258bfa6a	-	ol7_x86_64_u8_security_validation
	openssh-keycat-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	af522773ede9fd1ae6f4879b600a2dcd	-	ol7_x86_64_u8_security_validation
	openssh-ldap-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	53fedc838e529adc1d08e3c8c2bd539f	-	ol7_x86_64_u8_security_validation
	openssh-server-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	04d83e1c14a5f477f8a5df712bb24406	-	ol7_x86_64_u8_security_validation
	openssh-server-sysvinit-7.4p1-23.0.3.el7_9_fips.x86_64.rpm	3d30c8f8676d6d3185829fd48cb69ce7	-	ol7_x86_64_u8_security_validation
	pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9_fips.i686.rpm	f67449ae44aca07ce3a1f64cfc50e14e	-	ol7_x86_64_u8_security_validation
	pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9_fips.x86_64.rpm	f7df596b784e3e847e969ebc63929000	-	ol7_x86_64_u8_security_validation

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691