ELSA-2024-3166

ULN >
Oracle Linux Errata repository >
ELSA-2024-3166

ELSA-2024-3166 - openssh security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-05-23

Description

[8.0p1-24.0.1]
- Update upstream references [Orabug: 36587718]

[8.0p1-24]
- Providing a kill switch for scp to deal with CVE-2020-15778
Resolves: RHEL-22870

[8.0p1-23]
- Fix Terrapin attack
Resolves: RHEL-19308

[8.0p1-22]
- Fix Terrapin attack
Resolves: RHEL-19308
- Forbid shell metasymbols in username/hostname
Resolves: RHEL-19788

[8.0p1-21]
- Using DigestSign/DigestVerify functions for better FIPS compatibility
Resolves: RHEL-5217

[8.0p1-20]
- Limit artificial delays in sshd while login using AD user
Resolves: RHEL-1684
- Add comment to OpenSSH server config about FIPS-incompatible key
Resolves: RHEL-5221
- Avoid killing all processes on system in case of race condition
Resolves: RHEL-11548
- Avoid sshd_config 256K limit
Resolves: RHEL-5279
- Using DigestSign/DigestVerify functions for better FIPS compatibility
Resolves: RHEL-5217
- Fix GSS KEX causing ssh failures when connecting to WinSSHD
Resolves: RHEL-5321

Related CVEs

CVE-2020-15778

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	openssh-8.0p1-24.0.1.el8.src.rpm	c9a50aaf68d131a238e7b1d0b4561b3bdb696838d7d61bc44892e77f947f5127	-	ol8_aarch64_appstream
	openssh-8.0p1-24.0.1.el8.src.rpm	c9a50aaf68d131a238e7b1d0b4561b3bdb696838d7d61bc44892e77f947f5127	-	ol8_aarch64_baseos_latest
	openssh-8.0p1-24.0.1.el8.src.rpm	c9a50aaf68d131a238e7b1d0b4561b3bdb696838d7d61bc44892e77f947f5127	-	ol8_aarch64_u10_baseos_base
	openssh-8.0p1-24.0.1.el8.aarch64.rpm	f45670545c28873d6e5d5e7adcccb561af753b0979acde0c54377e98ecfe835b	-	ol8_aarch64_baseos_latest
	openssh-8.0p1-24.0.1.el8.aarch64.rpm	f45670545c28873d6e5d5e7adcccb561af753b0979acde0c54377e98ecfe835b	-	ol8_aarch64_u10_baseos_base
	openssh-askpass-8.0p1-24.0.1.el8.aarch64.rpm	13035f589e84a728cef654407fcd6d7601f992f83276bcee17a35a06a808dd87	-	ol8_aarch64_appstream
	openssh-cavs-8.0p1-24.0.1.el8.aarch64.rpm	49eeb346351297e5d661135a09fb6d4a150d87e99d58ba4339522456b1c28dbe	-	ol8_aarch64_baseos_latest
	openssh-cavs-8.0p1-24.0.1.el8.aarch64.rpm	49eeb346351297e5d661135a09fb6d4a150d87e99d58ba4339522456b1c28dbe	-	ol8_aarch64_u10_baseos_base
	openssh-clients-8.0p1-24.0.1.el8.aarch64.rpm	f52758338e49a1173e85cbc87815d95866898f61994932ba2f162fc64c54af8d	-	ol8_aarch64_baseos_latest
	openssh-clients-8.0p1-24.0.1.el8.aarch64.rpm	f52758338e49a1173e85cbc87815d95866898f61994932ba2f162fc64c54af8d	-	ol8_aarch64_u10_baseos_base
	openssh-keycat-8.0p1-24.0.1.el8.aarch64.rpm	a3feb6d07a00165894c7bf057b696a170700a577b38d4d08220ece4a4579c41e	-	ol8_aarch64_baseos_latest
	openssh-keycat-8.0p1-24.0.1.el8.aarch64.rpm	a3feb6d07a00165894c7bf057b696a170700a577b38d4d08220ece4a4579c41e	-	ol8_aarch64_u10_baseos_base
	openssh-ldap-8.0p1-24.0.1.el8.aarch64.rpm	098f435a8494deebe82e290df518ada5e33f47b850758e78f48aab0ff67a1a8d	-	ol8_aarch64_baseos_latest
	openssh-ldap-8.0p1-24.0.1.el8.aarch64.rpm	098f435a8494deebe82e290df518ada5e33f47b850758e78f48aab0ff67a1a8d	-	ol8_aarch64_u10_baseos_base
	openssh-server-8.0p1-24.0.1.el8.aarch64.rpm	d2538a1d50f377939ae35bf8c195af46d7173d7462c784ac6552bf37e985bfd3	-	ol8_aarch64_baseos_latest
	openssh-server-8.0p1-24.0.1.el8.aarch64.rpm	d2538a1d50f377939ae35bf8c195af46d7173d7462c784ac6552bf37e985bfd3	-	ol8_aarch64_u10_baseos_base
	pam_ssh_agent_auth-0.10.3-7.24.0.1.el8.aarch64.rpm	ef64214132fb3c8c7b9cc18478962312159ae27fc3493a480efdee98a28c7b83	-	ol8_aarch64_baseos_latest
	pam_ssh_agent_auth-0.10.3-7.24.0.1.el8.aarch64.rpm	ef64214132fb3c8c7b9cc18478962312159ae27fc3493a480efdee98a28c7b83	-	ol8_aarch64_u10_baseos_base

Oracle Linux 8 (x86_64)	openssh-8.0p1-24.0.1.el8.src.rpm	c9a50aaf68d131a238e7b1d0b4561b3bdb696838d7d61bc44892e77f947f5127	-	ol8_x86_64_appstream
	openssh-8.0p1-24.0.1.el8.src.rpm	c9a50aaf68d131a238e7b1d0b4561b3bdb696838d7d61bc44892e77f947f5127	-	ol8_x86_64_baseos_latest
	openssh-8.0p1-24.0.1.el8.src.rpm	c9a50aaf68d131a238e7b1d0b4561b3bdb696838d7d61bc44892e77f947f5127	-	ol8_x86_64_u10_baseos_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_23.1.15.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_23.1.16.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_23.1.17.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_23.1.18.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.1.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.10.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.2.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.3.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.4.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.5.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.6.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_24.1.9.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_25.1.0.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_25.1.1.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_25.1.2.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	exadata_dbserver_25.1.3.0.0_x86_64_base
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	ol8_x86_64_baseos_latest
	openssh-8.0p1-24.0.1.el8.x86_64.rpm	60c5bdb20e69ea7841435c2689405dfa9e20b5d4fd6db384269d1570de07e01a	-	ol8_x86_64_u10_baseos_base
	openssh-askpass-8.0p1-24.0.1.el8.x86_64.rpm	87edddac6f89fcc81d8407cd761dd840db4525a6419fd6d6d58e23c2534a4671	-	ol8_x86_64_appstream
	openssh-cavs-8.0p1-24.0.1.el8.x86_64.rpm	b6ffbb595ddc647eb5ed50915825c72e6556c6c82eabdf2f98a357696bf0fd0a	-	ol8_x86_64_baseos_latest
	openssh-cavs-8.0p1-24.0.1.el8.x86_64.rpm	b6ffbb595ddc647eb5ed50915825c72e6556c6c82eabdf2f98a357696bf0fd0a	-	ol8_x86_64_u10_baseos_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_23.1.15.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_23.1.16.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_23.1.17.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_23.1.18.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.1.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.10.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.2.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.3.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.4.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.5.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.6.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_24.1.9.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_25.1.0.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_25.1.1.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_25.1.2.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	exadata_dbserver_25.1.3.0.0_x86_64_base
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	ol8_x86_64_baseos_latest
	openssh-clients-8.0p1-24.0.1.el8.x86_64.rpm	663de650cb3aa61a5c8b23c3d2e38399d771d84674455d1fb1a37f61b635a819	-	ol8_x86_64_u10_baseos_base
	openssh-keycat-8.0p1-24.0.1.el8.x86_64.rpm	e955284e03d2410ae0f65992cdfb9d8e9f859d2933305b80403941a9ee248bdd	-	ol8_x86_64_baseos_latest
	openssh-keycat-8.0p1-24.0.1.el8.x86_64.rpm	e955284e03d2410ae0f65992cdfb9d8e9f859d2933305b80403941a9ee248bdd	-	ol8_x86_64_u10_baseos_base
	openssh-ldap-8.0p1-24.0.1.el8.x86_64.rpm	d24c159a7dcd41cf0b0c30af8a68b4b6f917fdf2481dba70dbf97f359eb8d53e	-	ol8_x86_64_baseos_latest
	openssh-ldap-8.0p1-24.0.1.el8.x86_64.rpm	d24c159a7dcd41cf0b0c30af8a68b4b6f917fdf2481dba70dbf97f359eb8d53e	-	ol8_x86_64_u10_baseos_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_23.1.15.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_23.1.16.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_23.1.17.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_23.1.18.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.1.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.10.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.2.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.3.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.4.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.5.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.6.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_24.1.9.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_25.1.0.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_25.1.1.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_25.1.2.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	exadata_dbserver_25.1.3.0.0_x86_64_base
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	ol8_x86_64_baseos_latest
	openssh-server-8.0p1-24.0.1.el8.x86_64.rpm	ed6d116945daabf0e15aded9d8e1debbbd6655ca9268bd2bada8586d1c4e2b71	-	ol8_x86_64_u10_baseos_base
	pam_ssh_agent_auth-0.10.3-7.24.0.1.el8.x86_64.rpm	41f762ed2b510865197fb2c206ba29113ace0d5271373e8678298f230996d40a	-	ol8_x86_64_baseos_latest
	pam_ssh_agent_auth-0.10.3-7.24.0.1.el8.x86_64.rpm	41f762ed2b510865197fb2c206ba29113ace0d5271373e8678298f230996d40a	-	ol8_x86_64_u10_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691