[El-errata] ELSA-2016-3531 Important: Oracle Linux 5 openssh security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Sun Apr 3 21:57:53 PDT 2016
Oracle Linux Security Advisory ELSA-2016-3531
http://linux.oracle.com/errata/ELSA-2016-3531.html
The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:
i386:
openssh-4.3p2-82.0.2.el5.i386.rpm
openssh-askpass-4.3p2-82.0.2.el5.i386.rpm
openssh-clients-4.3p2-82.0.2.el5.i386.rpm
openssh-server-4.3p2-82.0.2.el5.i386.rpm
x86_64:
openssh-4.3p2-82.0.2.el5.x86_64.rpm
openssh-askpass-4.3p2-82.0.2.el5.x86_64.rpm
openssh-clients-4.3p2-82.0.2.el5.x86_64.rpm
openssh-server-4.3p2-82.0.2.el5.x86_64.rpm
ia64:
openssh-4.3p2-82.0.2.el5.ia64.rpm
openssh-askpass-4.3p2-82.0.2.el5.ia64.rpm
openssh-clients-4.3p2-82.0.2.el5.ia64.rpm
openssh-server-4.3p2-82.0.2.el5.ia64.rpm
SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/openssh-4.3p2-82.0.2.el5.src.rpm
Description of changes:
[4.3p2-82.0.2]
- CVE-2015-5600: MaxAuthTries limit bypass via duplicates in
KbdInteractiveDevices (John Haxby) [orabug 22985024]
- CVE-2016-3115: missing sanitisation of input for X11 forwarding (John
Haxby) [orabug 22985024]
More information about the El-errata
mailing list