[El-errata] ELSA-2007-0257 Low: Enterprise Linux 4 openssh security and bug fix update

el-errata at oss.oracle.com el-errata at oss.oracle.com
Thu May 17 19:39:24 PDT 2007


Enterprise Linux Security Advisory ELSA-2007-0257

https://rhn.redhat.com/errata/RHSA-2007-0257.html

The following updated rpms for Enterprise Linux 4 have been uploaded to the Unbreakable Linux Network:

i386:
openssh-3.9p1-8.RHEL4.20.i386.rpm
openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm
openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm
openssh-clients-3.9p1-8.RHEL4.20.i386.rpm
openssh-server-3.9p1-8.RHEL4.20.i386.rpm

x86_64:
openssh-3.9p1-8.RHEL4.20.x86_64.rpm
openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm
openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm
openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm
openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm

SRPMS:

http://oss.oracle.com/el4/SRPMS-updates/openssh-3.9p1-8.RHEL4.20.src.rpm

Description of changes:

[3.9p1-8.RHEL4.20]
- CVE-2006-5794 properly detect failed key verify in monitor (#214640)

[3.9p1-8.RHEL4.19]
- add support for hashed known_hosts file (#162681)

[3.9p1-8.RHEL4.18]
- fixed client behaviour when remote program generates large output (#184357)
- don't report duplicate syslog messages, use correct local time (#203671)
- don't set IPV6_V6ONLY sock opt when listening on wildcard addr (#201594)
- fix audit patch to include loginrec.h in auth.c (#193710)






More information about the El-errata mailing list