Описание
ELSA-2009-1287: openssh security, bug fix, and enhancement update (LOW)
[4.3p2-36]
- tiny change in chroot sftp capability into openssh-server solve ls speed problem (#440240)
[4.3p2-35]
- workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 (#502230)
[4.3p2-34]
- disable protocol 1 in the FIPS mode
[4.3p2-33]
- fix scp hangup on exit (#454812)
- call integrity checks only on binaries which are part of the OpenSSH FIPS modules
[4.3p2-32]
- log if FIPS mode is initialized (#492363)
- check the integrity of the binaries in the FIPS mode (#467268)
[4.3p2-31]
- fix ssh hangup on exit (#454812)
[4.3p2-30]
- add chroot sftp capability into openssh-server (#440240)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
openssh
4.3p2-36.el5
openssh-askpass
4.3p2-36.el5
openssh-clients
4.3p2-36.el5
openssh-server
4.3p2-36.el5
Oracle Linux x86_64
openssh
4.3p2-36.el5
openssh-askpass
4.3p2-36.el5
openssh-clients
4.3p2-36.el5
openssh-server
4.3p2-36.el5
Oracle Linux i386
openssh
4.3p2-36.el5
openssh-askpass
4.3p2-36.el5
openssh-clients
4.3p2-36.el5
openssh-server
4.3p2-36.el5
Связанные CVE
Связанные уязвимости
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Error handling in the SSH protocol in (1) SSH Tectia Client and Server ...
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.