What Are You Looking For?

Sign Up
Oracle Linux Security Advisory ELSA-2023-4412

http://linux.oracle.com/errata/ELSA-2023-4412.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
openssh-8.7p1-30.el9_2.x86_64.rpm
openssh-askpass-8.7p1-30.el9_2.x86_64.rpm
openssh-clients-8.7p1-30.el9_2.x86_64.rpm
openssh-keycat-8.7p1-30.el9_2.x86_64.rpm
openssh-server-8.7p1-30.el9_2.x86_64.rpm
pam_ssh_agent_auth-0.10.4-5.30.el9_2.x86_64.rpm

aarch64:
openssh-8.7p1-30.el9_2.aarch64.rpm
openssh-askpass-8.7p1-30.el9_2.aarch64.rpm
openssh-clients-8.7p1-30.el9_2.aarch64.rpm
openssh-keycat-8.7p1-30.el9_2.aarch64.rpm
openssh-server-8.7p1-30.el9_2.aarch64.rpm
pam_ssh_agent_auth-0.10.4-5.30.el9_2.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//openssh-8.7p1-30.el9_2.src.rpm

Related CVEs:

CVE-2023-38408




Description of changes:

[8.7p1-30]
- Avoid remote code execution in ssh-agent PKCS#11 support
  Resolves: CVE-2023-38408


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle9: ELSA-2023-4412: openssh security Important Security Update

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Summary

[8.7p1-30] - Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408

SRPMs

http://oss.oracle.com/ol9/SRPMS-updates//openssh-8.7p1-30.el9_2.src.rpm

x86_64

openssh-8.7p1-30.el9_2.x86_64.rpm openssh-askpass-8.7p1-30.el9_2.x86_64.rpm openssh-clients-8.7p1-30.el9_2.x86_64.rpm openssh-keycat-8.7p1-30.el9_2.x86_64.rpm openssh-server-8.7p1-30.el9_2.x86_64.rpm pam_ssh_agent_auth-0.10.4-5.30.el9_2.x86_64.rpm

aarch64

openssh-8.7p1-30.el9_2.aarch64.rpm openssh-askpass-8.7p1-30.el9_2.aarch64.rpm openssh-clients-8.7p1-30.el9_2.aarch64.rpm openssh-keycat-8.7p1-30.el9_2.aarch64.rpm openssh-server-8.7p1-30.el9_2.aarch64.rpm pam_ssh_agent_auth-0.10.4-5.30.el9_2.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-38408

Related News

Krasue RAT Malware Hides on Linux Servers Using Embedded Rootkits

Dec 7, 2023

The Present & Future of Kernel Security: Linux's Unique Method for Securing Code

Dec 8, 2023

Linux Is Getting Its Own Blue Screen of Death with a New systemd Update

Dec 8, 2023

Critical Bluetooth Flaw Exposes Android, Apple & Linux Devices to Takeover

Dec 7, 2023

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector
Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

Footer Logo