[El-errata] ELSA-2024-12164 Moderate: Oracle Linux 8 openssh security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Fri Feb 16 16:28:16 UTC 2024
Oracle Linux Security Advisory ELSA-2024-12164
http://linux.oracle.com/errata/ELSA-2024-12164.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
openssh-askpass-8.0p1-19.0.1.el8_9.2.x86_64.rpm
openssh-8.0p1-19.0.1.el8_9.2.x86_64.rpm
openssh-cavs-8.0p1-19.0.1.el8_9.2.x86_64.rpm
openssh-clients-8.0p1-19.0.1.el8_9.2.x86_64.rpm
openssh-keycat-8.0p1-19.0.1.el8_9.2.x86_64.rpm
openssh-ldap-8.0p1-19.0.1.el8_9.2.x86_64.rpm
openssh-server-8.0p1-19.0.1.el8_9.2.x86_64.rpm
pam_ssh_agent_auth-0.10.3-7.19.0.1.el8_9.2.x86_64.rpm
aarch64:
openssh-askpass-8.0p1-19.0.1.el8_9.2.aarch64.rpm
openssh-8.0p1-19.0.1.el8_9.2.aarch64.rpm
openssh-cavs-8.0p1-19.0.1.el8_9.2.aarch64.rpm
openssh-clients-8.0p1-19.0.1.el8_9.2.aarch64.rpm
openssh-keycat-8.0p1-19.0.1.el8_9.2.aarch64.rpm
openssh-ldap-8.0p1-19.0.1.el8_9.2.aarch64.rpm
openssh-server-8.0p1-19.0.1.el8_9.2.aarch64.rpm
pam_ssh_agent_auth-0.10.3-7.19.0.1.el8_9.2.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//openssh-8.0p1-19.0.1.el8_9.2.src.rpm
Related CVEs:
CVE-2023-48795
CVE-2023-51385
Description of changes:
[8.0p1-19.0.1.2]
- Update patches for CVE-2023-51385, CVE-2023-48795 [Orabug: 36256632]
[8.0p1-19.2]
- Forbid shell metasymbols in username/hostname
Resolves: CVE-2023-51385
- Fix Terrapin attack
Resolves: CVE-2023-48795
More information about the El-errata
mailing list