Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -5 articles for you...
219
security advisorymoderatesecurity updateRocky Linux 9: RLSA-2024:4457 Moderate: Openssh Remote Code Execution
Moderate: openssh security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:4457", "synopsis": "Moderate: openssh security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for openssh.\nThis update affects Rocky Linux 9.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nSecurity Fix(es):\n\n* openssh: Possible remote code execution due to a race condition in signal handling affecting Rocky Linux 9 (CVE-2024-6409)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 9"], "fixes": [{"ticket": "2295085", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2295085", "description": ""}], "cves": [{"name": "CVE-2024-6409", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-6409", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-07-15T12:18:40.420716Z", "rpms": {"Rocky Linux 9": {"nvras": ["openssh-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-0:8.7p1-38.el9_4.4.src.rpm", "openssh-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-askpass-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-askpass-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-askpass-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-askpass-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-askpass-debuginfo-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-askpass-debuginfo-0:8.7p1-38.el9_4.4.ppc64le.rpm","openssh-askpass-debuginfo-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-askpass-debuginfo-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-clients-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-clients-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-clients-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-clients-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-clients-debuginfo-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-clients-debuginfo-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-clients-debuginfo-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-clients-debuginfo-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-debuginfo-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-debuginfo-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-debuginfo-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-debuginfo-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-debugsource-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-debugsource-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-debugsource-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-debugsource-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-keycat-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-keycat-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-keycat-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-keycat-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-keycat-debuginfo-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-keycat-debuginfo-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-keycat-debuginfo-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-keycat-debuginfo-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-server-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-server-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-server-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-server-0:8.7p1-38.el9_4.4.x86_64.rpm", "openssh-server-debuginfo-0:8.7p1-38.el9_4.4.aarch64.rpm", "openssh-server-debuginfo-0:8.7p1-38.el9_4.4.ppc64le.rpm", "openssh-server-debuginfo-0:8.7p1-38.el9_4.4.s390x.rpm", "openssh-server-debuginfo-0:8.7p1-38.el9_4.4.x86_64.rpm", "pam_ssh_agent_auth-0:0.10.4-5.38.el9_4.4.aarch64.rpm", "pam_ssh_agent_auth-0:0.10.4-5.38.el9_4.4.ppc64le.rpm", "pam_ssh_agent_auth-0:0.10.4-5.38.el9_4.4.s390x.rpm", "pam_ssh_agent_auth-0:0.10.4-5.38.el9_4.4.x86_64.rpm","pam_ssh_agent_auth-debuginfo-0:0.10.4-5.38.el9_4.4.aarch64.rpm", "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.38.el9_4.4.ppc64le.rpm", "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.38.el9_4.4.s390x.rpm", "pam_ssh_agent_auth-debuginfo-0:0.10.4-5.38.el9_4.4.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. Critical openssh patch released for Rocky Linux 9 addressing potential remote code execution vulnerability due to a timing issue.. openssh security update,Rocky Linux advisories,remote code execution risk. . LinuxSecurity.com Team
Jul 15, 2024
Rocky Linux
200
security advisorysoftware fixlow severityScientific Linux: openssh Authentication Fix for SL 40-44 i386,x86_64
Updated openssh packages that fix an authentication flaw are . Date: Wed, 15 Nov 2006 13:35:49 -0600 Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: ERRATA for "openssh" on SL 40,41,42,43,44 i386,x86_64 now available Comments: To:
Nov 15, 2006
•Low
Scientific Linux
98
security advisorysecurity updatecommand executionRed Hat Enterprise Linux 3: RHSA-2006:0298-01 Low Impact: OpenSSH Issue
Updated openssh packages that fix bugs in sshd are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Low: openssh security update Advisory ID: RHSA-2006:0298-01 Advisory URL: https://access.redhat.com/errata/RHSA-2006:0298.html Issue date: 2006-07-20 Updated on: 2006-07-20 Product: Red Hat Enterprise Linux Keywords: killed initscript scp lastlog CVE Names: CVE-2006-0225 CVE-2003-0386 - ---------------------------------------------------------------------1. Summary: Updated openssh packages that fix bugs in sshd are now available for Red Hat Enterprise Linux 3. This update has been rated as having low security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Desktop version 3 - i386, x86_64 Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64 3. Problem description: OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server. An arbitrary command execution flaw was discovered in the way scp copies files locally. It is possible for a local attacker to create a file with a carefully crafted name that could execute arbitrary commands as the user running scp to copy files locally. (CVE-2006-0225) The SSH daemon, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. (CVE-2003-0386) The following issues havealso been fixed in this update: * If the sshd service was stopped using the sshd init script while the main sshd daemon was not running, the init script would kill other sshd processes, such as the running sessions. For example, this could happen when the 'service sshd stop' command was issued twice. * When privilege separation was enabled, the last login message was printed only for the root user. * The sshd daemon was sending messages to the system log from a signal handler when debug logging was enabled. This could cause a deadlock of the user's connection. All users of openssh should upgrade to these updated packages, which resolve these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 164661 - CVE-2003-0386 host based access bypass 167886 - init script kills all running sshd's if listening server is stopped 170463 - CVE-2006-0225 local to local copy uses shell expansion twice 172564 - I can't see "Last login" message after logged via ssh 6. RPMs required: Red Hat Enterprise Linux AS version 3: SRPMS: e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm ia64: 2719732415234fe81f4b2462a6c87e35 openssh-3.6.1p2-33.30.9.ia64.rpm f0db590adfdd8031fd8eaf2c8b293e85 openssh-askpass-3.6.1p2-33.30.9.ia64.rpm b3a686a8c73a3a8162a1f72542379c4a openssh-askpass-gnome-3.6.1p2-33.30.9.ia64.rpm 5526271abd1c3b8fb8669d9a52d93639 openssh-clients-3.6.1p2-33.30.9.ia64.rpm 4d530c9671abb1ccb341247fa7806255 openssh-debuginfo-3.6.1p2-33.30.9.ia64.rpm db517bbf21696cc4d188d983156aad98 openssh-server-3.6.1p2-33.30.9.ia64.rpm ppc: 8a84ab6436d843999a47abf7eb49d5a0 openssh-3.6.1p2-33.30.9.ppc.rpm 8aaf0de43e33ba19565bb9bd946bea9b openssh-askpass-3.6.1p2-33.30.9.ppc.rpm 86977cd2d1cd372861f578afd87f6448 openssh-askpass-gnome-3.6.1p2-33.30.9.ppc.rpm 4180b0a29242635185b320b9c066f653 openssh-clients-3.6.1p2-33.30.9.ppc.rpm 3ea185391e9b4e97a3a9d74a17fc09be openssh-debuginfo-3.6.1p2-33.30.9.ppc.rpm 3410ad60c188487eaa03ebd481cb75d7 openssh-server-3.6.1p2-33.30.9.ppc.rpm s390: b65279d72dced4e828a93878f7cc5432 openssh-3.6.1p2-33.30.9.s390.rpm f69cbc52c6cc67df546035da1b648115 openssh-askpass-3.6.1p2-33.30.9.s390.rpm 81de02819ba221c68e207d8a19367e1c openssh-askpass-gnome-3.6.1p2-33.30.9.s390.rpm 3efc6853457369b1ced9338f814feb74 openssh-clients-3.6.1p2-33.30.9.s390.rpm 7bb8c01de8f7635c5ca67b36fa00cd09 openssh-debuginfo-3.6.1p2-33.30.9.s390.rpm e6aa13dcab6f2721da20fbd0254daf57 openssh-server-3.6.1p2-33.30.9.s390.rpm s390x: 7610b279141dbb7b608cdc7c3ffb1eca openssh-3.6.1p2-33.30.9.s390x.rpm 88fb3411276f4a243e2b1b6dbd49691a openssh-askpass-3.6.1p2-33.30.9.s390x.rpm 9bc48c69fa3f6efc685829e73a664f73 openssh-askpass-gnome-3.6.1p2-33.30.9.s390x.rpm c2a9622239251898528eb675e6c40770 openssh-clients-3.6.1p2-33.30.9.s390x.rpm 2723ee76c7f7be8021fb525903877a82 openssh-debuginfo-3.6.1p2-33.30.9.s390x.rpm 328b68dd779365f4ede425182a1f6a7b openssh-server-3.6.1p2-33.30.9.s390x.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm Red Hat Desktop version 3: SRPMS: e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm Red Hat Enterprise Linux ES version 3: SRPMS: e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm ia64: 2719732415234fe81f4b2462a6c87e35 openssh-3.6.1p2-33.30.9.ia64.rpm f0db590adfdd8031fd8eaf2c8b293e85 openssh-askpass-3.6.1p2-33.30.9.ia64.rpm b3a686a8c73a3a8162a1f72542379c4a openssh-askpass-gnome-3.6.1p2-33.30.9.ia64.rpm 5526271abd1c3b8fb8669d9a52d93639 openssh-clients-3.6.1p2-33.30.9.ia64.rpm 4d530c9671abb1ccb341247fa7806255 openssh-debuginfo-3.6.1p2-33.30.9.ia64.rpm db517bbf21696cc4d188d983156aad98 openssh-server-3.6.1p2-33.30.9.ia64.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm Red Hat Enterprise Linux WS version 3: SRPMS: e3ca3d0056b6d33fa9b73df89df0bfc4 openssh-3.6.1p2-33.30.9.src.rpm i386: 3dac29ed4176d8fed38b39bf419bfad7 openssh-3.6.1p2-33.30.9.i386.rpm 70efaa93880ed72cd14d983aab0cc0ee openssh-askpass-3.6.1p2-33.30.9.i386.rpm af44bd411209a1587c8094f9210a556f openssh-askpass-gnome-3.6.1p2-33.30.9.i386.rpm a0620c20b60e1e97359f2fb040a7aa9c openssh-clients-3.6.1p2-33.30.9.i386.rpm a53b732f51504042fdf3b49247e4bc75 openssh-debuginfo-3.6.1p2-33.30.9.i386.rpm 4ced380f7d629e7d9b7cb2099d96f7b5 openssh-server-3.6.1p2-33.30.9.i386.rpm ia64: 2719732415234fe81f4b2462a6c87e35 openssh-3.6.1p2-33.30.9.ia64.rpm f0db590adfdd8031fd8eaf2c8b293e85 openssh-askpass-3.6.1p2-33.30.9.ia64.rpm b3a686a8c73a3a8162a1f72542379c4a openssh-askpass-gnome-3.6.1p2-33.30.9.ia64.rpm 5526271abd1c3b8fb8669d9a52d93639 openssh-clients-3.6.1p2-33.30.9.ia64.rpm 4d530c9671abb1ccb341247fa7806255 openssh-debuginfo-3.6.1p2-33.30.9.ia64.rpm db517bbf21696cc4d188d983156aad98 openssh-server-3.6.1p2-33.30.9.ia64.rpm x86_64: 2c39fc426812d6c51fcff37a1475917a openssh-3.6.1p2-33.30.9.x86_64.rpm 8f190121fc48dd7f6fb7bad23aa2b1db openssh-askpass-3.6.1p2-33.30.9.x86_64.rpm c90e54b2370b90300efaa0ed50cdd8bf openssh-askpass-gnome-3.6.1p2-33.30.9.x86_64.rpm 6566faaf53dd8e4e71e43ab33c161f54 openssh-clients-3.6.1p2-33.30.9.x86_64.rpm 9fbc7ead204081b3cf9c4e9d3232e4d6 openssh-debuginfo-3.6.1p2-33.30.9.x86_64.rpm d1cf3d625866fa5916ef913e8ff58c70 openssh-server-3.6.1p2-33.30.9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package 7. References: https://www.cve.org/CVERecord?id=CVE-2006-0225 https://www.cve.org/CVERecord?id=CVE-2003-0386 https://access.redhat.com/security/updates/classification#low 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2006 Red Hat, Inc. . Low impact OpenSSH update for Red Hat addressing command execution and bugs important for system security.. OpenSSH Update, Red Hat Enterprise Linux, SSH Bug Fix. . Severity: Low. LinuxSecurity.com Team
Jul 20, 2006
•Low
Red Hat
98
security advisoryremote exploitred hatRed Hat Linux: RHSA-2003:279-01 Critical Remote Exploit in OpenSSH
A bug has been found in OpenSSH's buffer handling where a buffer could be marked as grown when the actual reallocation failed.. - --------------------------------------------------------------------- Red Hat Security Advisory Synopsis: Updated OpenSSH packages fix potential vulnerability Advisory ID: RHSA-2003:279-01 Issue date: 2003-09-16 Updated on: 2003-09-16 Product: Red Hat Linux Keywords: Cross references: Obsoletes: RHSA-2003:222 CVE Names: CAN-2003-0693 - --------------------------------------------------------------------- 1. Topic: Updated OpenSSH packages are now available that fix a bug that may be remotely exploitable. 2. Relevant releases/architectures: Red Hat Linux 7.1 - i386 Red Hat Linux 7.2 - i386, ia64 Red Hat Linux 7.3 - i386 Red Hat Linux 8.0 - i386 Red Hat Linux 9 - i386 3. Problem description: OpenSSH is a suite of network connectivity tools that can be used to establish encrypted connections between systems on a network and can provide interactive login sessions and port forwarding, among other functions. The OpenSSH team has announced a bug which affects the OpenSSH buffer handling code. This bug has the potential of being remotely exploitable. All users of OpenSSH should immediately apply this update which contains a backported fix for this issue. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. Touse Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. If up2date fails to connect to Red Hat Network due to SSL Certificate Errors, you need to install a version of the up2date client with an updated certificate. The latest version of up2date is available from the Red Hat FTP site and may also be downloaded directly from the RHN website: 5. RPMs required: Red Hat Linux 7.1: SRPMS: i386: Red Hat Linux 7.2: SRPMS: i386: ia64: Red Hat Linux 7.3: SRPMS: i386: Red Hat Linux 8.0: SRPMS: i386: Red Hat Linux 9: SRPMS: i386: 6. Verification: MD5 sum Package Name - -------------------------------------------------------------------------- 68c4a788b259ac5d80696344a1635238 7.1/en/os/SRPMS/openssh-3.1p1-9.src.rpm 2cb116a25b5d3f2ae0290c2b02eb822a 7.1/en/os/i386/openssh-3.1p1-9.i386.rpm 8871705678463c84f5bac0d7e314c51d 7.1/en/os/i386/openssh-askpass-3.1p1-9.i386.rpm d40669604c1003d5fa56a0fe8f5f259f 7.1/en/os/i386/openssh-askpass-gnome-3.1p1-9.i386.rpm ad58192a0988ae2ba28303892344dc15 7.1/en/os/i386/openssh-clients-3.1p1-9.i386.rpm 275ab4661dfef3d2331a044723728ba8 7.1/en/os/i386/openssh-server-3.1p1-9.i386.rpm 8a643b9a1c2081510494bcfe81d704da 7.2/en/os/SRPMS/openssh-3.1p1-10.src.rpm 41d575bf0e8740dea7be6f228cd49a06 7.2/en/os/i386/openssh-3.1p1-10.i386.rpm 4b768a29889a977e780f40829767f139 7.2/en/os/i386/openssh-askpass-3.1p1-10.i386.rpm c6ade41287005e1bc3e773d489571b2f 7.2/en/os/i386/openssh-askpass-gnome-3.1p1-10.i386.rpm ac2a157d5527b94629b393709dafee88 7.2/en/os/i386/openssh-clients-3.1p1-10.i386.rpm dfd86218d209c998c1f5877470e08ee3 7.2/en/os/i386/openssh-server-3.1p1-10.i386.rpm 35ed02df36d62ae2ae388bdb1a2fde8b 7.2/en/os/ia64/openssh-3.1p1-10.ia64.rpm 00efc09f44de8e8757ed002b1c8f33d17.2/en/os/ia64/openssh-askpass-3.1p1-10.ia64.rpm 0a08a3bf5bdd95fb718c9f588aeb19a5 7.2/en/os/ia64/openssh-askpass-gnome-3.1p1-10.ia64.rpm ad1d2c29d579622abeb9aaddc3ba2205 7.2/en/os/ia64/openssh-clients-3.1p1-10.ia64.rpm baa9c271eea7d6d3d49fc14d4cc6cd20 7.2/en/os/ia64/openssh-server-3.1p1-10.ia64.rpm 8a643b9a1c2081510494bcfe81d704da 7.3/en/os/SRPMS/openssh-3.1p1-10.src.rpm 41d575bf0e8740dea7be6f228cd49a06 7.3/en/os/i386/openssh-3.1p1-10.i386.rpm 4b768a29889a977e780f40829767f139 7.3/en/os/i386/openssh-askpass-3.1p1-10.i386.rpm c6ade41287005e1bc3e773d489571b2f 7.3/en/os/i386/openssh-askpass-gnome-3.1p1-10.i386.rpm ac2a157d5527b94629b393709dafee88 7.3/en/os/i386/openssh-clients-3.1p1-10.i386.rpm dfd86218d209c998c1f5877470e08ee3 7.3/en/os/i386/openssh-server-3.1p1-10.i386.rpm 9b0e321ba85cb0d0d92aa8d2215b660b 8.0/en/os/SRPMS/openssh-3.4p1-5.src.rpm 98eec1cabf75d33b4dab5cbcc1fa3916 8.0/en/os/i386/openssh-3.4p1-5.i386.rpm 40a5f106abe732b2de667d8eea533bfb 8.0/en/os/i386/openssh-askpass-3.4p1-5.i386.rpm 2d7066401fdffdc33d8432c5a6e15bf2 8.0/en/os/i386/openssh-askpass-gnome-3.4p1-5.i386.rpm 437bf2bd207673ce3ab9632e6c862972 8.0/en/os/i386/openssh-clients-3.4p1-5.i386.rpm b1d6e055c373770fac486b1c32b1110b 8.0/en/os/i386/openssh-server-3.4p1-5.i386.rpm 7b1cf7bfc16af8675fef75f1c82825ca 9/en/os/SRPMS/openssh-3.5p1-9.src.rpm 42127cbc814679cefd1db11265eb2ded 9/en/os/i386/openssh-3.5p1-9.i386.rpm 301a68bc432e7ac55f847edbb30b4741 9/en/os/i386/openssh-askpass-3.5p1-9.i386.rpm baeb84c227233c05d5b6e9e3bc1bdd3d 9/en/os/i386/openssh-askpass-gnome-3.5p1-9.i386.rpm 78188bca46a3ccbba67d1040f42e3c07 9/en/os/i386/openssh-clients-3.5p1-9.i386.rpm 2233bfd17074fd127dac4f47b57e905c 9/en/os/i386/openssh-server-3.5p1-9.i386.rpm These packages are GPG signed by Red Hat for security. Our key is available from https://access.redhat.com/security/team/key You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sumwith the following command: md5sum 7. References: http://marc.theaimsgroup.com/?l=openbsd-misc&m=106371592604940 CVE -CVE-2003-0693 8. Contact: The Red Hat security contact is . More contact details at https://www.redhat.com/en/technologies/all-products Copyright 2003 Red Hat, Inc. . Update OpenSSH packages immediately to fix a critical exploit in buffer handling vulnerabilities on Red Hat Linux systems.. OpenSSH Update, Red Hat Security, Buffer Management Issue. . Severity: Critical. LinuxSecurity.com Team
Sep 16, 2003
•Critical
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!