Oracle Errata System Oracle Linux 5.11 2024-09-21T18:49:43 Oracle Linux 7 [6.6.1p1-22] - Use the correct constant for glob limits (#1160377) [6.6.1p1-21] - Extend memory limit for remote glob in sftp acc. to stat limit (#1160377) [6.6.1p1-20] - Fix vulnerabilities published with openssh-7.0 (#1265807) - Privilege separation weakness related to PAM support - Use-after-free bug related to PAM support [6.6.1p1-19] - Increase limit of files for glob match in sftp to 8192 (#1160377) [6.6.1p1-18] - Add GSSAPIKexAlgorithms option for server and client application (#1253062) [6.6.1p1-17] - Security fixes released with openssh-6.9 (CVE-2015-5352) (#1247864) - XSECURITY restrictions bypass under certain conditions in ssh(1) (#1238231) - weakness of agent locking (ssh-add -x) to password guessing (#1238238) [6.6.1p1-16] - only query each keyboard-interactive device once (CVE-2015-5600) (#1245971) [6.6.1p1-15] - One more typo in manual page documenting TERM variable (#1162683) - Fix race condition with auditing messages answers (#1240613) [6.6.1p1-14] - Fix ldif schema to have correct spacing on newlines (#1184938) - Add missing values for sshd test mode (#1187597) - ssh-copy-id: tcsh doesnt work with multiline strings (#1201758) - Fix memory problems with newkeys and array transfers (#1223218) - Enhance AllowGroups documentation in man page (#1150007) [6.6.1p1-13] - Increase limit of files for glob match in sftp (#1160377) - Add pam_reauthorize.so to /etc/pam.d/sshd (#1204233) - Show all config values in sshd test mode (#1187597) - Document required selinux boolean for working ssh-ldap-helper (#1178116) - Consistent usage of pam_namespace in sshd (#1125110) - Fix auditing when using combination of ForcedCommand and PTY (#1199112) - Add sftp option to force mode of created files (#1197989) - Ability to specify an arbitrary LDAP filter in ldap.conf for ssh-ldap-helper (#1201753) - Provide documentation line for systemd service and socket (#1181591) - Provide LDIF version of LPK schema (#1184938) - Document TERM environment variable (#1162683) - Fix ssh-copy-id on non-sh remote shells (#1201758) - Do not read RSA1 hostkeys for HostBased authentication in FIPS (#1197666) MODERATE Copyright 2015 Oracle, Inc. CVE-2015-5600 CVE-2015-6563 CVE-2015-6564 cpe:/a:oracle:linux:7:2:base cpe:/a:oracle:linux:7::optional_archive cpe:/a:oracle:linux:7::latest_archive