| Revision Date: | 2015-02-23 | Version: | 13 |
| Title: | ELSA-2014-1552 -- openssh security, bug fix, and enhancement update |
| Description: | [5.3p1-104]- ignore SIGXFSZ in postauth monitor child (#1133906)[5.3p1-103]- don't try to generate DSA keys in the init script in FIPS mode (#1118735)[5.3p1-102]- ignore SIGPIPE in ssh-keyscan (#1108836)[5.3p1-101]- ssh-add: fix fatal exit when removing card (#1042519)[5.3p1-100]- fix race in backported ControlPersist patch (#953088)[5.3p1-99.2]- skip requesting smartcard PIN when removing keys from agent (#1042519)[5.3p1-98]- add possibility to autocreate only RSA key into initscript (#1111568)- fix several issues reported by coverity[5.3p1-97]- x11 forwarding - be less restrictive when can't bind to one of available addresses (#1027197)- better fork error detection in audit patch (#1028643)- fix openssh-5.3p1-x11.patch for non-linux platforms (#1100913)[5.3p1-96]- prevent a server from skipping SSHFP lookup (#1081338) CVE-2014-2653- ignore environment variables with embedded '=' or '\0' characters CVE-2014-2532- backport ControlPersist option (#953088)- log when a client requests an interactive session and only sftp is allowed (#997377)- don't try to load RSA1 host key in FIPS mode (#1009959)- restore Linux oom_adj setting when handling SIGHUP to maintain behaviour over restart (#1010429)- ssh-keygen -V - relative-specified certificate expiry time should be relative to current time (#1022459)[5.3p1-95]- adjust the key echange DH groups and ssh-keygen according to SP800-131A (#993580)- log failed integrity test if /etc/system-fips exists (#1020803)- backport ECDSA and ECDH support (#1028335) |
| Family: | unix | Class: | patch |
| Status: | ACCEPTED | Reference(s): | CVE-2014-2532
CVE-2014-2653
ELSA-2014-1552
|
| Platform(s): | Oracle Linux 6
| Product(s): | openssh
|
| Definition Synopsis |
| Oracle Linux 6.x AND Packages section
openssh is earlier than 0:5.3p1-104.el6
OR openssh-askpass is earlier than 0:5.3p1-104.el6
OR openssh-clients is earlier than 0:5.3p1-104.el6
OR openssh-ldap is earlier than 0:5.3p1-104.el6
OR openssh-server is earlier than 0:5.3p1-104.el6
OR pam_ssh_agent_auth is earlier than 0:0.9.3-104.el6
|