[El-errata] ELSA-2016-0466 Moderate: Oracle Linux 6 openssh security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Mar 21 16:24:47 PDT 2016


Oracle Linux Security Advisory ELSA-2016-0466

http://linux.oracle.com/errata/ELSA-2016-0466.html

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:

i386:
openssh-5.3p1-114.el6_7.i686.rpm
openssh-askpass-5.3p1-114.el6_7.i686.rpm
openssh-clients-5.3p1-114.el6_7.i686.rpm
openssh-ldap-5.3p1-114.el6_7.i686.rpm
openssh-server-5.3p1-114.el6_7.i686.rpm
pam_ssh_agent_auth-0.9.3-114.el6_7.i686.rpm

x86_64:
openssh-5.3p1-114.el6_7.x86_64.rpm
openssh-askpass-5.3p1-114.el6_7.x86_64.rpm
openssh-clients-5.3p1-114.el6_7.x86_64.rpm
openssh-ldap-5.3p1-114.el6_7.x86_64.rpm
openssh-server-5.3p1-114.el6_7.x86_64.rpm
pam_ssh_agent_auth-0.9.3-114.el6_7.i686.rpm
pam_ssh_agent_auth-0.9.3-114.el6_7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/openssh-5.3p1-114.el6_7.src.rpm



Description of changes:

[5.3p1-114]
- CVE-2015-5600: MaxAuthTries limit bypass via duplicates in 
KbdInteractiveDevices (#1245969)

[5.3p1-113]
- CVE-2016-3115: missing sanitisation of input for X11 forwarding (#1317816)





More information about the El-errata mailing list