Oval Definition:oval:com.redhat.rhsa:def:20162588
Revision Date:2016-11-03Version:637
Title:RHSA-2016:2588: openssh security, bug fix, and enhancement update (Moderate)
Description:OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

  • It was discovered that the OpenSSH sshd daemon fetched PAM environment settings before running the login program. In configurations with UseLogin=yes and the pam_env PAM module configured to read user environment settings, a local user could use this flaw to execute arbitrary code as root. (CVE-2015-8325)

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.3 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2015-8325
    RHSA-2016:2588
    RHSA-2016:2588-01
    RHSA-2016:2588-02
    RHSA-2016:2588-02
    Platform(s):Red Hat Enterprise Linux 7
    Red Hat Enterprise Linux 7 (please do not use for >= RHEL-7.5)
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • openssh is earlier than 0:6.6.1p1-31.el7
  • AND openssh is signed with Red Hat redhatrelease2 key
  • openssh-askpass is earlier than 0:6.6.1p1-31.el7
  • AND openssh-askpass is signed with Red Hat redhatrelease2 key
  • openssh-clients is earlier than 0:6.6.1p1-31.el7
  • AND openssh-clients is signed with Red Hat redhatrelease2 key
  • openssh-keycat is earlier than 0:6.6.1p1-31.el7
  • AND openssh-keycat is signed with Red Hat redhatrelease2 key
  • openssh-ldap is earlier than 0:6.6.1p1-31.el7
  • AND openssh-ldap is signed with Red Hat redhatrelease2 key
  • openssh-server is earlier than 0:6.6.1p1-31.el7
  • AND openssh-server is signed with Red Hat redhatrelease2 key
  • openssh-server-sysvinit is earlier than 0:6.6.1p1-31.el7
  • AND openssh-server-sysvinit is signed with Red Hat redhatrelease2 key
  • pam_ssh_agent_auth is earlier than 0:0.9.3-9.31.el7
  • AND pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key
    • Definition Synopsis
  • Release Information
  • Red Hat Enterprise Linux 7 Client is installed
  • OR Red Hat Enterprise Linux 7 Server is installed
  • OR Red Hat Enterprise Linux 7 Workstation is installed
  • OR Red Hat Enterprise Linux 7 ComputeNode is installed
  • AND Package Information
  • openssh is earlier than 0:6.6.1p1-31.el7
  • AND openssh is signed with Red Hat redhatrelease2 key
  • OR
  • openssh-keycat is earlier than 0:6.6.1p1-31.el7
  • AND openssh-keycat is signed with Red Hat redhatrelease2 key
  • OR
  • openssh-clients is earlier than 0:6.6.1p1-31.el7
  • AND openssh-clients is signed with Red Hat redhatrelease2 key
  • OR
  • openssh-server is earlier than 0:6.6.1p1-31.el7
  • AND openssh-server is signed with Red Hat redhatrelease2 key
  • OR
  • openssh-askpass is earlier than 0:6.6.1p1-31.el7
  • AND openssh-askpass is signed with Red Hat redhatrelease2 key
  • OR
  • openssh-server-sysvinit is earlier than 0:6.6.1p1-31.el7
  • AND openssh-server-sysvinit is signed with Red Hat redhatrelease2 key
  • OR
  • openssh-ldap is earlier than 0:6.6.1p1-31.el7
  • AND openssh-ldap is signed with Red Hat redhatrelease2 key
  • OR
  • pam_ssh_agent_auth is earlier than 0:0.9.3-9.31.el7
  • AND pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key
    • BACK