[El-errata] ELSA-2017-2029 Moderate: Oracle Linux 7 openssh security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Aug 8 13:53:13 PDT 2017


Oracle Linux Security Advisory ELSA-2017-2029

http://linux.oracle.com/errata/ELSA-2017-2029.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
openssh-7.4p1-11.el7.x86_64.rpm
openssh-askpass-7.4p1-11.el7.x86_64.rpm
openssh-cavs-7.4p1-11.el7.x86_64.rpm
openssh-clients-7.4p1-11.el7.x86_64.rpm
openssh-keycat-7.4p1-11.el7.x86_64.rpm
openssh-ldap-7.4p1-11.el7.x86_64.rpm
openssh-server-7.4p1-11.el7.x86_64.rpm
openssh-server-sysvinit-7.4p1-11.el7.x86_64.rpm
pam_ssh_agent_auth-0.10.3-1.11.el7.i686.rpm
pam_ssh_agent_auth-0.10.3-1.11.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/openssh-7.4p1-11.el7.src.rpm



Description of changes:

[7.4p1-11 + 0.10.3-1]
- Compiler warnings (#1341754)

[7.4p1-10 + 0.10.3-1]
- Add missing messages in FIPS mode (#1341754)

[7.4p1-9 + 0.10.3-1]
- Allow harmless syscalls for s390 crypto modules (#1451809)

[7.4p1-8 + 0.10.3-1]
- Fix multilib issue in documentation (#1450361)

[7.4p1-6 + 0.10.3-1]
- ControlPath too long should not be a fatal error (#1447561)

[7.4p1-5 + 0.10.3-1]
- Fix the default key exchange proposal in FIPS mode (#1438414)
- Remove another wrong coverity chunk to unbreak gsskex (#1438414)

[7.4p1-4 + 0.10.3-1]
- Update seccomp filter to work on ppc64le (#1443916)

[7.4p1-3 + 0.10.3-1]
- Do not completely disable SHA-1 key exchange methods in FIPS (#1324493)
- Remove wrong coverity patches

[7.4p1-2 + 0.10.3-1]
- Fix coverity scan results
- Adjust FIPS algorithms list (#1420910)
- Revert problematic feature for chroot(#1418062)
- Fix CBC weakness in released OpenSSH 7.5

[7.4p1-1 + 0.10.3-1]
- Rebase to openssh 7.4 and pam_ssh_agent_auth 0.10.3 (#1341754)
- detach -cavs subpackage
- enable seccomp filter for sandboxed child






More information about the El-errata mailing list