Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
89
security advisorycriticalFedoraFedora 34 NextCloud 20.0.11: Critical Security Flaws Addressed
Update to 20.0.11; Fixes one high severity and multiple low severity CVEs. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-9b421b78af 2021-07-22 01:13:10.976131 --------------------------------------------------------------------------------Name : nextcloud Product : Fedora 34 Version : 20.0.11 Release : 1.fc34 URL : http://nextcloud.com Summary : Private file sync and share server Description : NextCloud gives you universal access to your files through a web interface or WebDAV. It also provides a platform to easily view & sync your contacts, calendars and bookmarks across all your devices and enables basic editing right on the web. NextCloud is extendable via a simple but powerful API for applications and plugins. --------------------------------------------------------------------------------Update Information: Update to 20.0.11; Fixes one high severity and multiple low severity CVEs --------------------------------------------------------------------------------ChangeLog: * Mon Jul 12 2021 Christopher Engelhard 20.0.11-1 - Update to 20.0.11; Fixes RHBZ#1981503; Fixes RHBZ#1981505 --------------------------------------------------------------------------------References: [ 1 ] Bug #1981503 - CVE-2021-32688 nextcloud: Improper permission check permits tokens to change their own permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1981503 [ 2 ] Bug #1981505 - CVE-2021-32680 nextcloud: Improper audit logging for expiration date events [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1981505 [ 3 ] Bug #1981817 - CVE-2021-32678 nextcloud: ratelimit not applied on OCS API responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1981817 [ 4 ] Bug #1981819 - CVE-2021-32679 nextcloud: filenames not escaped by default in controllers using DownloadResponse [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1981819 [ 5 ] Bug #1981821 - CVE-2021-32703 nextcloud: lack of ratelimit on shareinfo endpoint [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1981821 [ 6 ] Bug #1981824 - CVE-2021-32705 nextcloud: lack of ratelimit on public DAV endpoint [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1981824 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-9b421b78af' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list --
Jul 21, 2021
•Critical
Fedora
89
security advisorysecurity issueFedoraFedora 10: Advisory 2009-9386 Critical: ProFTPD SQL Injection Fix
This update has a large number of changes from previous Fedora packages; the highlights are as follows: - Update to upstream release 1.3.2a - Fix SQL injection vulnerability at login (#485125, CVE-2009-0542) - Fix SELinux compatibility (#498375) - Fix audit logging (#506735) - Fix default configuration (#509251) - Many new loadable modules including mod_ctrls_admin and mod_wrap2 - National Language Support (RFC 2640) - Enable/disable common features in /etc/sysconfig/proftpd. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2009-9386 2009-09-09 00:45:39 -------------------------------------------------------------------------------- Name : proftpd Product : Fedora 10 Version : 1.3.2a Release : 5.fc10 URL : http://www.proftpd.org/ Summary : Flexible, stable and highly-configurable FTP server Description : ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based directory visibility. This package defaults to the standalone behaviour of ProFTPD, but all the needed scripts to have it run by xinetd instead are included. -------------------------------------------------------------------------------- Update Information: This update has a large number of changes from previous Fedora packages; the highlights are as follows: - Update to upstream release 1.3.2a - Fix SQL injection vulnerability at login (#485125, CVE-2009-0542) - Fix SELinux compatibility (#498375) - Fix audit logging (#506735) - Fix default configuration (#509251) - Many new loadable modules including mod_ctrls_admin and mod_wrap2 - National Language Support (RFC 2640) - Enable/disable common features in/etc/sysconfig/proftpd -------------------------------------------------------------------------------- ChangeLog: * Mon Sep 7 2009 Paul Howarth 1.3.2a-5 - Add upstream patch for MLSD with dirnames containing glob chars (#521634) * Wed Sep 2 2009 Paul Howarth 1.3.2a-4 - New DSO module: mod_exec (#520214) * Fri Aug 21 2009 Tomas Mraz - 1.3.2a-3.1 - Rebuilt with new openssl * Wed Aug 19 2009 Paul Howarth 1.3.2a-3 - Use mod_vroot to work around PAM/chroot issues (#477120, #506735) * Fri Jul 31 2009 Paul Howarth 1.3.2a-2 - Add upstream patch to fix parallel build (http://bugs.proftpd.org/show_bug.cgi) * Mon Jul 27 2009 Paul Howarth 1.3.2a-1 - Update to 1.3.2a - Add patch to reinstate support for -DPARAMETER (http://bugs.proftpd.org/show_bug.cgi) - Retain CAP_AUDIT_WRITE, needed for pam_loginuid (#506735, fixed upstream) - Remove ScoreboardFile directive from configuration file - default value works better with SELinux (#498375) - Ship mod_quotatab_sql.so in the main package rather than the SQL backend subpackages - New DSO modules: - mod_ctrls_admin - mod_facl - mod_load - mod_quotatab_radius - mod_radius - mod_ratio - mod_rewrite - mod_site_misc - mod_wrap2 - mod_wrap2_file - mod_wrap2_sql - Enable mod_lang/nls support for RFC 2640 (and buildreq gettext) - Add /etc/sysconfig/proftpd to set PROFTPD_OPTIONS and update initscript to use this value so we can use a define to enable (e.g.) anonymous FTP support rather than having a huge commented-out section in the config file - Rewrite config file to remove most settings that don't change upstream defaults, and add brief descriptions for all available loadable modules - Move Umask and IdentLookups settings from server config to context so that they apply to all servers, including virtual hosts (#509251) - Ensure mod_ifsession is always the last one specified, which makes sure that mod_ifsession's changes are seen properly by other modules - Drop pam version requirement - all targets have sufficiently recent version -Drop redundant explicit dependency on pam - Subpackages don't need to own %{_libexecdir}/proftpd directory - Drop redundant krb5-devel buildreq - Make SRPM back-compatible with EPEL-4 (TLS cert dirs, PAM config) - Don't include README files for non-Linux platforms - Recode ChangeLog as UTF-8 - Don't ship the prxs tool for building custom DSO's since we don't ship the headers either - Prevent stripping of binaries in a slightly more robust way - Fix release tag to be ready for future beta/rc versions - Define RPM macros in global scope - BuildRequire libcap-devel so that we use the system library rather than the bundled one, and eliminate log messages like: kernel: warning: `proftpd' uses 32-bit capabilities (legacy support in use) * Sun Jul 26 2009 Fedora Release Engineering - 1.3.2-3.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Thu Apr 9 2009 Matthias Saou 1.3.2-2.1 - Update the tcp_wrappers BR to be just /usr/include/tcpd.h instead. * Thu Apr 9 2009 Matthias Saou 1.3.2-2 - Fix tcp_wrappers-devel BR conditional. * Mon Apr 6 2009 Matthias Saou 1.3.2-1 - Update to 1.3.2. - Include mod_wrap (#479813). - Tried to include mod_wrap2* modules but build failed. * Thu Feb 26 2009 Fedora Release Engineering - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Sat Jan 24 2009 Caolán McNamara 1.3.2-0.3.rc3 - Rebuild for dependencies * Fri Jan 2 2009 Matthias Saou 1.3.2-0.2.rc3 - Update default configuration to have a lit of available modules and more example configuration for them. * Mon Dec 22 2008 Matthias Saou 1.3.2-0.1.rc3 - Update to 1.3.2rc3 (fixes security issue #464127) - Exclude new pkgconfig file, as we already exclude header files (if someone ever needs to rebuild something against this proftpd, just ask and I'll split out a devel package... but it seems pretty useless currently). - Remove no longer needed find-umode_t patch. -------------------------------------------------------------------------------- References: [ 1 ] Bug#485125 - CVE-2009-0542 proftpd: SQL injection during login https://bugzilla.redhat.com/show_bug.cgi?id=485125 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update proftpd' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ Fedora-package-announce mailing list
Sep 24, 2009
•Critical
Fedora
98
security advisorysecurity updateRed HatRed Hat Linux 4 RHSA-2006:0044-01 Low Severity OpenSSH Command Execution
Updated openssh packages that fix bugs in sshd and add auditing of user logins are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: openssh security update Advisory ID: RHSA-2006:0044-01 Advisory URL: https://access.redhat.com/errata/RHSA-2006:0044.html Issue date: 2006-03-07 Updated on: 2006-03-07 Product: Red Hat Enterprise Linux CVE Names: CVE-2006-0225 - ---------------------------------------------------------------------1. Summary: Updated openssh packages that fix bugs in sshd and add auditing of user logins are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server. An arbitrary command execution flaw was discovered in the way scp copies files locally. It is possible for a local attacker to create a file with a carefully crafted name that could execute arbitrary commands as the user running scp to copy files locally. The Common Vulnerabilities and Exposures project (cve.mitre.org) assigned the name CVE-2006-0225 to this issue. The following issue has also been fixed in this update: * If the sshd service was stopped using the sshd init script while the main sshd daemon was not running, the init script would kill other sshd processes,such as the running sessions. For example, this could happen when the 'service sshd stop' command was issued twice. Additionally, this update implements auditing of user logins through the system audit service. All users of openssh should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 170466 - CVE-2006-0225 local to local copy uses shell expansion twice 170468 - init script kills all running sshd's if listening server is stopped 170568 - add audit message to sshd 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: 2578e547e59c73fdca370de8e98c5503 openssh-3.9p1-8.RHEL4.12.src.rpm i386: 21757cc7559d10b6c0d129ad09f7457b openssh-3.9p1-8.RHEL4.12.i386.rpm d8f08434752602146534024a54d8597e openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm 73f9af460966644a1996be486cbd2cfc openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm d753e37401a9a8bc837232c8c04565fe openssh-clients-3.9p1-8.RHEL4.12.i386.rpm ed7c9a6d9dcdb8104da21f65fb318c8f openssh-server-3.9p1-8.RHEL4.12.i386.rpm ia64: 4e7aa26129bf1905d97faf99b8e116b4 openssh-3.9p1-8.RHEL4.12.ia64.rpm 9d66c16e57e3c21b3678dd12d1851f10 openssh-askpass-3.9p1-8.RHEL4.12.ia64.rpm 11ff74898dfe0ace6fc2f0ff5e89c24c openssh-askpass-gnome-3.9p1-8.RHEL4.12.ia64.rpm 70fc3a2a4b8f641203673b1f62282c33 openssh-clients-3.9p1-8.RHEL4.12.ia64.rpm de9c83fa4b93dea3f8d42b4df4fd569a openssh-server-3.9p1-8.RHEL4.12.ia64.rpm ppc: 46b6e719c56a74aa46e191c2f36999e3 openssh-3.9p1-8.RHEL4.12.ppc.rpm 7cd82332e39423ba4698875b31e43623 openssh-askpass-3.9p1-8.RHEL4.12.ppc.rpm 387227b69d7a1be97fa3368c84907f41 openssh-askpass-gnome-3.9p1-8.RHEL4.12.ppc.rpm 8e3c9db269da8a446baa6e0f61faf43c openssh-clients-3.9p1-8.RHEL4.12.ppc.rpm dd99de85e9e030b6624fb698e3775322 openssh-server-3.9p1-8.RHEL4.12.ppc.rpm s390: 6f17b04da53dd4deba4c6a43983e94af openssh-3.9p1-8.RHEL4.12.s390.rpm 48ef2ac4db2a7d9596de43f9dc27cdff openssh-askpass-3.9p1-8.RHEL4.12.s390.rpm 9a2d946cecb4fd484c769ebd54541b2e openssh-askpass-gnome-3.9p1-8.RHEL4.12.s390.rpm f9f5373f55575664a575caf776ffde43 openssh-clients-3.9p1-8.RHEL4.12.s390.rpm 6a79297b27544cc7fc7d971d5979fccd openssh-server-3.9p1-8.RHEL4.12.s390.rpm s390x: ca31fdbf5a061487d602174f9fe23f48 openssh-3.9p1-8.RHEL4.12.s390x.rpm cddba42d826ab7825058d1a07b0cee80 openssh-askpass-3.9p1-8.RHEL4.12.s390x.rpm eff616e124743dc63d2d9f3789f4da18 openssh-askpass-gnome-3.9p1-8.RHEL4.12.s390x.rpm 579853e1cd8415e7f24c4c477ea919e6 openssh-clients-3.9p1-8.RHEL4.12.s390x.rpm 0cd9686cdfa1f751fc7c39783fbf29ae openssh-server-3.9p1-8.RHEL4.12.s390x.rpm x86_64: 538abab594c138be17494e21eef0f8c0 openssh-3.9p1-8.RHEL4.12.x86_64.rpm 74fb1a3069203034430479b873e229e5 openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm 9eaf5f509a4442aa921751a73bd29e94 openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm 08f183cef545498fc81ee61fba9e5ef5 openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm eda71f6f994a92a323058e9e8c2ba4f9 openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: 2578e547e59c73fdca370de8e98c5503 openssh-3.9p1-8.RHEL4.12.src.rpm i386: 21757cc7559d10b6c0d129ad09f7457b openssh-3.9p1-8.RHEL4.12.i386.rpm d8f08434752602146534024a54d8597e openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm 73f9af460966644a1996be486cbd2cfc openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm d753e37401a9a8bc837232c8c04565fe openssh-clients-3.9p1-8.RHEL4.12.i386.rpm ed7c9a6d9dcdb8104da21f65fb318c8f openssh-server-3.9p1-8.RHEL4.12.i386.rpm x86_64: 538abab594c138be17494e21eef0f8c0 openssh-3.9p1-8.RHEL4.12.x86_64.rpm 74fb1a3069203034430479b873e229e5 openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm 9eaf5f509a4442aa921751a73bd29e94 openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm 08f183cef545498fc81ee61fba9e5ef5 openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm eda71f6f994a92a323058e9e8c2ba4f9 openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: 2578e547e59c73fdca370de8e98c5503 openssh-3.9p1-8.RHEL4.12.src.rpm i386: 21757cc7559d10b6c0d129ad09f7457b openssh-3.9p1-8.RHEL4.12.i386.rpm d8f08434752602146534024a54d8597e openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm 73f9af460966644a1996be486cbd2cfc openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm d753e37401a9a8bc837232c8c04565fe openssh-clients-3.9p1-8.RHEL4.12.i386.rpm ed7c9a6d9dcdb8104da21f65fb318c8f openssh-server-3.9p1-8.RHEL4.12.i386.rpm ia64: 4e7aa26129bf1905d97faf99b8e116b4 openssh-3.9p1-8.RHEL4.12.ia64.rpm 9d66c16e57e3c21b3678dd12d1851f10 openssh-askpass-3.9p1-8.RHEL4.12.ia64.rpm 11ff74898dfe0ace6fc2f0ff5e89c24c openssh-askpass-gnome-3.9p1-8.RHEL4.12.ia64.rpm 70fc3a2a4b8f641203673b1f62282c33 openssh-clients-3.9p1-8.RHEL4.12.ia64.rpm de9c83fa4b93dea3f8d42b4df4fd569a openssh-server-3.9p1-8.RHEL4.12.ia64.rpm x86_64: 538abab594c138be17494e21eef0f8c0 openssh-3.9p1-8.RHEL4.12.x86_64.rpm 74fb1a3069203034430479b873e229e5 openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm 9eaf5f509a4442aa921751a73bd29e94 openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm 08f183cef545498fc81ee61fba9e5ef5 openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm eda71f6f994a92a323058e9e8c2ba4f9 openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: 2578e547e59c73fdca370de8e98c5503 openssh-3.9p1-8.RHEL4.12.src.rpm i386: 21757cc7559d10b6c0d129ad09f7457b openssh-3.9p1-8.RHEL4.12.i386.rpm d8f08434752602146534024a54d8597e openssh-askpass-3.9p1-8.RHEL4.12.i386.rpm 73f9af460966644a1996be486cbd2cfc openssh-askpass-gnome-3.9p1-8.RHEL4.12.i386.rpm d753e37401a9a8bc837232c8c04565fe openssh-clients-3.9p1-8.RHEL4.12.i386.rpm ed7c9a6d9dcdb8104da21f65fb318c8f openssh-server-3.9p1-8.RHEL4.12.i386.rpm ia64: 4e7aa26129bf1905d97faf99b8e116b4 openssh-3.9p1-8.RHEL4.12.ia64.rpm 9d66c16e57e3c21b3678dd12d1851f10 openssh-askpass-3.9p1-8.RHEL4.12.ia64.rpm 11ff74898dfe0ace6fc2f0ff5e89c24c openssh-askpass-gnome-3.9p1-8.RHEL4.12.ia64.rpm 70fc3a2a4b8f641203673b1f62282c33 openssh-clients-3.9p1-8.RHEL4.12.ia64.rpm de9c83fa4b93dea3f8d42b4df4fd569a openssh-server-3.9p1-8.RHEL4.12.ia64.rpm x86_64: 538abab594c138be17494e21eef0f8c0 openssh-3.9p1-8.RHEL4.12.x86_64.rpm 74fb1a3069203034430479b873e229e5 openssh-askpass-3.9p1-8.RHEL4.12.x86_64.rpm 9eaf5f509a4442aa921751a73bd29e94 openssh-askpass-gnome-3.9p1-8.RHEL4.12.x86_64.rpm 08f183cef545498fc81ee61fba9e5ef5 openssh-clients-3.9p1-8.RHEL4.12.x86_64.rpm eda71f6f994a92a323058e9e8c2ba4f9 openssh-server-3.9p1-8.RHEL4.12.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2006-0225 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2006 Red Hat, Inc. . Red Hat releases a new version of openssh to rectify glitches, enhance auditing features, and resolve a minor security vulnerability in Enterprise Linux 4.. Red Hat Openssh Update, Low Risk Security Advisory, SSH Audit Logging Update. . Severity: Low. LinuxSecurity.com Team
Mar 07, 2006
•Low
Red Hat
98
security advisorymoderateRed HatRed Hat Enterprise Linux 4 RHSA-2005:527-01 Moderate GSSAPI Credential Risk
Updated openssh packages that fix a security issue, bugs, and add support for recording login user IDs for audit are now available for Red Hat Enterprise Linux 4.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Moderate: openssh security update Advisory ID: RHSA-2005:527-01 Advisory URL: https://access.redhat.com/errata/RHSA-2005:527.html Issue date: 2005-10-05 Updated on: 2005-10-05 Product: Red Hat Enterprise Linux CVE Names: CAN-2005-2798 - ---------------------------------------------------------------------1. Summary: Updated openssh packages that fix a security issue, bugs, and add support for recording login user IDs for audit are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Problem description: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. An error in the way OpenSSH handled GSSAPI credential delegation was discovered. OpenSSH as distributed with Red Hat Enterprise Linux 4 contains support for GSSAPI user authentication, typically used for supporting Kerberos. On OpenSSH installations which have GSSAPI enabled, this flaw could allow a user who sucessfully authenticates using a method other than GSSAPI to be delegated with GSSAPI credentials. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2798 to this issue. Additionally, the following bugs have been addressed: The ssh command incorrectly failed when it was issued by the root user with a non-default group set. Thesshd daemon could fail to properly close the client connection if multiple X clients were forwarded over the connection and the client session exited. The sshd daemon could bind only on the IPv6 address family for X forwarding if the port on IPv4 address family was already bound. The X forwarding did not work in such cases. This update also adds support for recording login user IDs for the auditing service. The user ID is attached to the audit records generated from the user's session. All users of openssh should upgrade to these updated packages, which contain backported patches to resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10 5. Bug IDs fixed (http://bugzilla.redhat.com/): 159331 - sshd update for new audit system 167444 - CAN-2005-2798 Improper GSSAPI credential delegation 6. RPMs required: Red Hat Enterprise Linux AS version 4: SRPMS: 2cbb0102ce3dc2c36c328819f8522bbc openssh-3.9p1-8.RHEL4.9.src.rpm i386: 4a5add7335d6b6bcf9a202e45e782eee openssh-3.9p1-8.RHEL4.9.i386.rpm 77cc6d8b6be9c613f80cd7d52c9f91e3 openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm 76c9ac8255dbc25184887dd93cfdb047 openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm 45350fbd7c5356467ebfc2e2a7bfc55a openssh-clients-3.9p1-8.RHEL4.9.i386.rpm 32e69cc88f09f6785badd3b82fdccb31 openssh-server-3.9p1-8.RHEL4.9.i386.rpm ia64: f27d73d28c920358dcb434c3ed8489cf openssh-3.9p1-8.RHEL4.9.ia64.rpm 512632b31d333408cf2e05a3e567e16a openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm 6771aafbd50b0ead67418404cbd63711 openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm 0355970673f296c38ee961549665b64d openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm 40fa71b924423c63af6215255cc21198 openssh-server-3.9p1-8.RHEL4.9.ia64.rpm ppc: e97bdb7f35c89a540f9c3204064c4b7e openssh-3.9p1-8.RHEL4.9.ppc.rpm 93dbfdb6052e0e4532d183b2dab9cb95 openssh-askpass-3.9p1-8.RHEL4.9.ppc.rpm 9e8e056a8677d7bdd45479be6c12f47d openssh-askpass-gnome-3.9p1-8.RHEL4.9.ppc.rpm 3af1774ffe5f61d7d0f89a1e0093bcff openssh-clients-3.9p1-8.RHEL4.9.ppc.rpm 3ec577e0d009372ed16343f8d7ddef4d openssh-server-3.9p1-8.RHEL4.9.ppc.rpm s390: dc7368330098bd6b02babcf62ae31773 openssh-3.9p1-8.RHEL4.9.s390.rpm bbe31ee642601ed16e64aebca844adf3 openssh-askpass-3.9p1-8.RHEL4.9.s390.rpm b45278314ff79575284af2a0ddf09f8f openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390.rpm eb0871dc10d5eb1541f2bd240b86d1bb openssh-clients-3.9p1-8.RHEL4.9.s390.rpm fa1669804538da84a5b312d237eb65bc openssh-server-3.9p1-8.RHEL4.9.s390.rpm s390x: a26f854317e26af188704d5df98b302b openssh-3.9p1-8.RHEL4.9.s390x.rpm 7386e0e001ec6534c5666316f6ac1aa6 openssh-askpass-3.9p1-8.RHEL4.9.s390x.rpm 26e80a25582afc8665b853b9fd844907 openssh-askpass-gnome-3.9p1-8.RHEL4.9.s390x.rpm 65a0209831ac79f162f75e491ec7696a openssh-clients-3.9p1-8.RHEL4.9.s390x.rpm 2856776521344601307cdcbb9e6af2e6 openssh-server-3.9p1-8.RHEL4.9.s390x.rpm x86_64: 8e2c46e097fff0172553d821e6810f91 openssh-3.9p1-8.RHEL4.9.x86_64.rpm 14a78c2264965373c6c56d63f73f60e5 openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm b799e4ed3d8d6aaf3439e06c5ee29b21 openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm e15d265ea0f955724b27cb15f2230f4f openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm 56bab36b63f94a4adcaa79ef026df03e openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm Red Hat Enterprise Linux Desktop version 4: SRPMS: 2cbb0102ce3dc2c36c328819f8522bbc openssh-3.9p1-8.RHEL4.9.src.rpm i386: 4a5add7335d6b6bcf9a202e45e782eee openssh-3.9p1-8.RHEL4.9.i386.rpm 77cc6d8b6be9c613f80cd7d52c9f91e3 openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm 76c9ac8255dbc25184887dd93cfdb047 openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm 45350fbd7c5356467ebfc2e2a7bfc55a openssh-clients-3.9p1-8.RHEL4.9.i386.rpm 32e69cc88f09f6785badd3b82fdccb31 openssh-server-3.9p1-8.RHEL4.9.i386.rpm x86_64: 8e2c46e097fff0172553d821e6810f91 openssh-3.9p1-8.RHEL4.9.x86_64.rpm 14a78c2264965373c6c56d63f73f60e5 openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm b799e4ed3d8d6aaf3439e06c5ee29b21 openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm e15d265ea0f955724b27cb15f2230f4f openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm 56bab36b63f94a4adcaa79ef026df03e openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm Red Hat Enterprise Linux ES version 4: SRPMS: 2cbb0102ce3dc2c36c328819f8522bbc openssh-3.9p1-8.RHEL4.9.src.rpm i386: 4a5add7335d6b6bcf9a202e45e782eee openssh-3.9p1-8.RHEL4.9.i386.rpm 77cc6d8b6be9c613f80cd7d52c9f91e3 openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm 76c9ac8255dbc25184887dd93cfdb047 openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm 45350fbd7c5356467ebfc2e2a7bfc55a openssh-clients-3.9p1-8.RHEL4.9.i386.rpm 32e69cc88f09f6785badd3b82fdccb31 openssh-server-3.9p1-8.RHEL4.9.i386.rpm ia64: f27d73d28c920358dcb434c3ed8489cf openssh-3.9p1-8.RHEL4.9.ia64.rpm 512632b31d333408cf2e05a3e567e16a openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm 6771aafbd50b0ead67418404cbd63711 openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm 0355970673f296c38ee961549665b64d openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm 40fa71b924423c63af6215255cc21198 openssh-server-3.9p1-8.RHEL4.9.ia64.rpm x86_64: 8e2c46e097fff0172553d821e6810f91 openssh-3.9p1-8.RHEL4.9.x86_64.rpm 14a78c2264965373c6c56d63f73f60e5 openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm b799e4ed3d8d6aaf3439e06c5ee29b21 openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm e15d265ea0f955724b27cb15f2230f4f openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm 56bab36b63f94a4adcaa79ef026df03e openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm Red Hat Enterprise Linux WS version 4: SRPMS: 2cbb0102ce3dc2c36c328819f8522bbc openssh-3.9p1-8.RHEL4.9.src.rpm i386: 4a5add7335d6b6bcf9a202e45e782eee openssh-3.9p1-8.RHEL4.9.i386.rpm 77cc6d8b6be9c613f80cd7d52c9f91e3 openssh-askpass-3.9p1-8.RHEL4.9.i386.rpm 76c9ac8255dbc25184887dd93cfdb047 openssh-askpass-gnome-3.9p1-8.RHEL4.9.i386.rpm 45350fbd7c5356467ebfc2e2a7bfc55a openssh-clients-3.9p1-8.RHEL4.9.i386.rpm 32e69cc88f09f6785badd3b82fdccb31 openssh-server-3.9p1-8.RHEL4.9.i386.rpm ia64: f27d73d28c920358dcb434c3ed8489cf openssh-3.9p1-8.RHEL4.9.ia64.rpm 512632b31d333408cf2e05a3e567e16a openssh-askpass-3.9p1-8.RHEL4.9.ia64.rpm 6771aafbd50b0ead67418404cbd63711 openssh-askpass-gnome-3.9p1-8.RHEL4.9.ia64.rpm 0355970673f296c38ee961549665b64d openssh-clients-3.9p1-8.RHEL4.9.ia64.rpm 40fa71b924423c63af6215255cc21198 openssh-server-3.9p1-8.RHEL4.9.ia64.rpm x86_64: 8e2c46e097fff0172553d821e6810f91 openssh-3.9p1-8.RHEL4.9.x86_64.rpm 14a78c2264965373c6c56d63f73f60e5 openssh-askpass-3.9p1-8.RHEL4.9.x86_64.rpm b799e4ed3d8d6aaf3439e06c5ee29b21 openssh-askpass-gnome-3.9p1-8.RHEL4.9.x86_64.rpm e15d265ea0f955724b27cb15f2230f4f openssh-clients-3.9p1-8.RHEL4.9.x86_64.rpm 56bab36b63f94a4adcaa79ef026df03e openssh-server-3.9p1-8.RHEL4.9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.cve.org/CVERecord?id=CAN-2005-2798 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2005 Red Hat, Inc. . Canonical unveils a significant patch 2023:12345 to address vulnerabilities and bolster system monitoring for enhanced protection.. openssh Security, Red Hat Advisory, Audit Logging, Security Update, GSSAPI Fix. . Severity: Important. LinuxSecurity.com Team
Oct 05, 2005
•Important
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!