Описание
ELSA-2012-0884: openssh security, bug fix, and enhancement update (LOW)
[5.3p1-81]
- fixes in openssh-5.3p1-required-authentications.patch (#657378)
[5.3p1-79]
- fix forward on non-localhost ports with IPv6 (#732955)
[5.3p1-78]
- clear SELinux exec context before exec passwd (#814691)
[5.3p1-77]
- prevent post-auth resource exhaustion (#809938)
[5.3p1-76]
- don't escape backslah in a banner (#809619)
[5.3p1-75]
- fix various issues in openssh-5.3p1-required-authentications.patch (#805901)
[5.3p1-74]
- fix out-of-memory killer patch (#744236)
[5.3p1-73]
- remove openssh-4.3p2-no-v6only.patch (#732955)
- adjust Linux out-of-memory killer (#744236)
- fix sshd init script - check existence of crypto (#797384)
- add RequiredAuthentications[12] (#657378)
- run privsep slave process as the users SELinux context (#798241)
[5.3p1-72]
- drop CAVS test driver (#782091)
[5.3p1-71]
- enable aes-ctr ciphers use the EVP engines from OpenSSL such as the AES-NI (#756929)
- add CAVS test driver for the aes-ctr ciphers (#782091)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
openssh
5.3p1-81.el6
openssh-askpass
5.3p1-81.el6
openssh-clients
5.3p1-81.el6
openssh-ldap
5.3p1-81.el6
openssh-server
5.3p1-81.el6
pam_ssh_agent_auth
0.9-81.el6
Oracle Linux i686
openssh
5.3p1-81.el6
openssh-askpass
5.3p1-81.el6
openssh-clients
5.3p1-81.el6
openssh-ldap
5.3p1-81.el6
openssh-server
5.3p1-81.el6
pam_ssh_agent_auth
0.9-81.el6
Связанные CVE
Связанные уязвимости
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and e ...
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.