[El-errata] ELSA-2017-0641 Moderate: Oracle Linux 6 openssh security and bug fix update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Mar 28 09:55:13 PDT 2017
Oracle Linux Security Advisory ELSA-2017-0641
http://linux.oracle.com/errata/ELSA-2017-0641.html
The following updated rpms for Oracle Linux 6 have been uploaded to the
Unbreakable Linux Network:
i386:
openssh-5.3p1-122.el6.i686.rpm
openssh-askpass-5.3p1-122.el6.i686.rpm
openssh-clients-5.3p1-122.el6.i686.rpm
openssh-ldap-5.3p1-122.el6.i686.rpm
openssh-server-5.3p1-122.el6.i686.rpm
pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm
x86_64:
openssh-5.3p1-122.el6.x86_64.rpm
openssh-askpass-5.3p1-122.el6.x86_64.rpm
openssh-clients-5.3p1-122.el6.x86_64.rpm
openssh-ldap-5.3p1-122.el6.x86_64.rpm
openssh-server-5.3p1-122.el6.x86_64.rpm
pam_ssh_agent_auth-0.9.3-122.el6.i686.rpm
pam_ssh_agent_auth-0.9.3-122.el6.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/openssh-5.3p1-122.el6.src.rpm
Description of changes:
[5.3p1-122]
- Allow to use ibmca crypto hardware (#1397547)
- CVE-2015-8325: privilege escalation via user's PAM environment and
UseLogin=yes (1405374)
[5.3p1-121]
- Fix missing hmac-md5-96 from server offer (#1373836)
[5.3p1-120]
- Prevent infinite loop when Ctrl+Z pressed at password prompt (#1218424)
- Remove RC4 cipher and MD5 based MAC from the default client proposal
(#1373836)
[5.3p1-119]
- Resolve sftp force permission colision with umask (#1341747)
- Relax bits needed check to allow hmac-sha2-512 with gss-group1-sha1-
(#1353359)
- close ControlPersist background process stderr when not in debug mode
(#1335539)
- Do not add a message "The agent has no identities." in
~/.ssh/authorized_keys (#1353410)
More information about the El-errata
mailing list