Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Security Week: March 30th, 2015
Linux Advisory Watch: March 27th, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Fedora Core 4 Update: openssh-4.2p1-fc4.10 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora This is a minor security update which fixes double shell expansion in local to local and remote to remote copy with scp. It also fixes a few other minor non-security issues.
Fedora Update Notification

Product     : Fedora Core 4
Name        : openssh
Version     : 4.2p1                      
Release     : fc4.10                  
Summary     : The OpenSSH implementation of SSH protocol versions 1 and 2.
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features, as well as removing
all patented algorithms to separate libraries.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

Update Information:

This is a minor security update which fixes double shell
expansion in local to local and remote to remote copy with
scp. It also fixes a few other minor non-security issues.

* Mon Jan 23 2006 Tomas Mraz  4.2p1-fc4.10
- upstream patch for regression in X11 forwarding (#168703)
- _GNU_SOURCE should be used instead of __USE_GNU
- use fork+exec instead of system in scp - CVE-2006-0225 (#168167)
- upstream patch for displaying authentication errors
- install ssh-copy-id from contrib (#88707)

This update can be downloaded from:

994fee18b120794ffe1ff86ad7bf131ee8b88ccf  SRPMS/openssh-4.2p1-fc4.10.src.rpm
6bcc9cd98830e18b0159564176fa009c46b80856  ppc/openssh-4.2p1-fc4.10.ppc.rpm
d40dba0afd9822437ed7a5a696ee3daa279411ec  ppc/openssh-clients-4.2p1-fc4.10.ppc.rpm
c94bb942d7792b9afa900dd0287949e04ca32b28  ppc/openssh-server-4.2p1-fc4.10.ppc.rpm
05e7f1c5319ff9570a9e845f8c700fe90c7c31b5  ppc/openssh-askpass-4.2p1-fc4.10.ppc.rpm
b6e551070bbee67f7fd946911c97178626d3da65  ppc/openssh-askpass-gnome-4.2p1-fc4.10.ppc.rpm
f480a6976ff55113f91feab46595e6d635261e2c  ppc/debug/openssh-debuginfo-4.2p1-fc4.10.ppc.rpm
0165741a413a34444d01b258438277bbd9bddf2d  x86_64/openssh-4.2p1-fc4.10.x86_64.rpm
2cf77f379b5c23d79aae51dc9c6b1d57d0f09c26  x86_64/openssh-clients-4.2p1-fc4.10.x86_64.rpm
552067e9c66d6a9ad7948456f647639f80c5a704  x86_64/openssh-server-4.2p1-fc4.10.x86_64.rpm
e9ff3b7547b24c008e971ebab33a0c6129337388  x86_64/openssh-askpass-4.2p1-fc4.10.x86_64.rpm
02ca70440cdbc3a0d120c33f86e6a478e8a8dca6  x86_64/openssh-askpass-gnome-4.2p1-fc4.10.x86_64.rpm
5bc5c6c6f70beea25bfadc187468b2bf5c1d4559  x86_64/debug/openssh-debuginfo-4.2p1-fc4.10.x86_64.rpm
5f807379bdf5b01a2832c7098bebead38dd1d9e7  i386/openssh-4.2p1-fc4.10.i386.rpm
381e4cec46f4e8f52ef025ecc12f3550fd9047f8  i386/openssh-clients-4.2p1-fc4.10.i386.rpm
c829cdaecc4e1717602b71f5801446048605d0e3  i386/openssh-server-4.2p1-fc4.10.i386.rpm
27da09faab909fa05fe25d4f7193e85a19d11f57  i386/openssh-askpass-4.2p1-fc4.10.i386.rpm
f5ae2f000b0b6daa7f8f630a5ca21de6bb296459  i386/openssh-askpass-gnome-4.2p1-fc4.10.i386.rpm
118203388385081425531090a807e71116eaae88  i386/debug/openssh-debuginfo-4.2p1-fc4.10.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at

fedora-announce-list mailing list
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Feds Charged With Stealing Money During Silk Road Investigation
EFF questions US government's software flaw disclosure policy
Hotel Router Vulnerability A Reminder Of Untrusted WiFi Risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.