- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Low: openssh security and bug fix update
Advisory ID:       RHSA-2007:0257-02
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0257.html
Issue date:        2007-05-01
Updated on:        2007-05-01
Product:           Red Hat Enterprise Linux
Keywords:          syslog buffer length IPv6 X11 forwarding
CVE Names:         CVE-2005-2666 
- ---------------------------------------------------------------------1. Summary:

Updated openssh packages that fix a security issue and various bugs are now
available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This
package includes the core files necessary for both the OpenSSH client and
server.

OpenSSH stores hostnames, IP addresses, and keys in plaintext in the
known_hosts file.  A local attacker that has already compromised a user's
SSH account could use this information to generate a list of additional
targets that are likely to have the same password or key.  (CVE-2005-2666)

The following bugs have also been fixed in this update:

* The ssh client could abort the running connection when the server
application generated a large output at once.

* When 'X11UseLocalhost' option was set to 'no' on systems with IPv6
networking enabled, the X11 forwarding socket listened only for IPv6
connections.

* When the privilege separation was enabled in /etc/ssh/sshd_config, some
log messages in the system log were duplicated and also had timestamps from
an incorrect timezone.

All users of openssh should upgrade to these updated packages, which
contain backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

162681 - CVE-2005-2666 openssh vulnerable to known_hosts address harvesting
184357 - buffer_append_space: alloc not supported Error
193710 - [PATCH] audit patch for openssh missing #include "loginrec.h" in auth.c
201594 - sshd does not create ipv4 listen socket for X11 forwarding
203671 - additional (time skewed) log entries in /var/log/secure since U4

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
73cd43ad99e6b5eb626914bb65f11d70  openssh-3.9p1-8.RHEL4.20.src.rpm

i386:
355fb0d34d1207f6629f886f8cf3e6c4  openssh-3.9p1-8.RHEL4.20.i386.rpm
5b062f94d91ed8418c45745d8b285bd4  openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm
4c13962301e5f93492fcb02b7f01a7b1  openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm
029fa6c52dec14626a1e443caecc2300  openssh-clients-3.9p1-8.RHEL4.20.i386.rpm
f022d0b8cf19f1118fc7521142e7e71c  openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm
74c1c9b1293e8e46ecaf46db181d3a1b  openssh-server-3.9p1-8.RHEL4.20.i386.rpm

ia64:
063a012cb911cad11e1c6e1f700e46ab  openssh-3.9p1-8.RHEL4.20.ia64.rpm
67a3c8ab28bdcefe7b2fb957c933b996  openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm
ce81cfbef39e88997fd9084f04f46f26  openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm
c7bd82bac6e899e197ce59d4dc061d07  openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm
8bca6d06228a0250582fbb224e14f46b  openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm
9110321bf599bf3f29eaccaa32b7ce1d  openssh-server-3.9p1-8.RHEL4.20.ia64.rpm

ppc:
cac15ade9405e8ef47939842656b6f70  openssh-3.9p1-8.RHEL4.20.ppc.rpm
783a2f6121f3a7373e5f7d7048f95ecd  openssh-askpass-3.9p1-8.RHEL4.20.ppc.rpm
2571d5eb1f66180cf8eebc281d7a41bd  openssh-askpass-gnome-3.9p1-8.RHEL4.20.ppc.rpm
195d880c6af6314c807fd74249bc494c  openssh-clients-3.9p1-8.RHEL4.20.ppc.rpm
b8dfde972ad2d579e8ded57589cdf4f7  openssh-debuginfo-3.9p1-8.RHEL4.20.ppc.rpm
5bac6e49005be5b599254ab40e6582f1  openssh-server-3.9p1-8.RHEL4.20.ppc.rpm

s390:
7f2a4d71dde9957902770b5a8cbebb98  openssh-3.9p1-8.RHEL4.20.s390.rpm
6a768d4d2fb313e8e9536854f8980cff  openssh-askpass-3.9p1-8.RHEL4.20.s390.rpm
e0eed1c1b158d2b9f4265931ddfec2df  openssh-askpass-gnome-3.9p1-8.RHEL4.20.s390.rpm
d776bccdb065c52fee0820c2452e7909  openssh-clients-3.9p1-8.RHEL4.20.s390.rpm
1fcd5df3d202ceb6ddbf2decade7bd18  openssh-debuginfo-3.9p1-8.RHEL4.20.s390.rpm
05f4d043e3fd7993e041ac8af1954ffd  openssh-server-3.9p1-8.RHEL4.20.s390.rpm

s390x:
ee4dd7366a973d0cc074397ab44b3d36  openssh-3.9p1-8.RHEL4.20.s390x.rpm
e521ced488fc72105e1591653855cfa0  openssh-askpass-3.9p1-8.RHEL4.20.s390x.rpm
b3099fded8c796a4b7a26fc9918f8694  openssh-askpass-gnome-3.9p1-8.RHEL4.20.s390x.rpm
7b3894c6220efb08cd42e2ba41b97c24  openssh-clients-3.9p1-8.RHEL4.20.s390x.rpm
71b619d3ae4411c7ca6f557b342165e1  openssh-debuginfo-3.9p1-8.RHEL4.20.s390x.rpm
612e6fa71dd9d0b4a0abb84af6ad0e0d  openssh-server-3.9p1-8.RHEL4.20.s390x.rpm

x86_64:
61cd0299d5413094af7970856f7fffc8  openssh-3.9p1-8.RHEL4.20.x86_64.rpm
88464fef4b7393f7f081dc0c734bcd53  openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm
198d98b530ce9fbfe6dd6b3d3b38712c  openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm
1c3c86136815400a0713187d9f55315b  openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm
b242035b20927623270bb32fe531b5bd  openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm
e6b172814bfc7402996bf498a8f37634  openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
73cd43ad99e6b5eb626914bb65f11d70  openssh-3.9p1-8.RHEL4.20.src.rpm

i386:
355fb0d34d1207f6629f886f8cf3e6c4  openssh-3.9p1-8.RHEL4.20.i386.rpm
5b062f94d91ed8418c45745d8b285bd4  openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm
4c13962301e5f93492fcb02b7f01a7b1  openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm
029fa6c52dec14626a1e443caecc2300  openssh-clients-3.9p1-8.RHEL4.20.i386.rpm
f022d0b8cf19f1118fc7521142e7e71c  openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm
74c1c9b1293e8e46ecaf46db181d3a1b  openssh-server-3.9p1-8.RHEL4.20.i386.rpm

x86_64:
61cd0299d5413094af7970856f7fffc8  openssh-3.9p1-8.RHEL4.20.x86_64.rpm
88464fef4b7393f7f081dc0c734bcd53  openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm
198d98b530ce9fbfe6dd6b3d3b38712c  openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm
1c3c86136815400a0713187d9f55315b  openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm
b242035b20927623270bb32fe531b5bd  openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm
e6b172814bfc7402996bf498a8f37634  openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
73cd43ad99e6b5eb626914bb65f11d70  openssh-3.9p1-8.RHEL4.20.src.rpm

i386:
355fb0d34d1207f6629f886f8cf3e6c4  openssh-3.9p1-8.RHEL4.20.i386.rpm
5b062f94d91ed8418c45745d8b285bd4  openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm
4c13962301e5f93492fcb02b7f01a7b1  openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm
029fa6c52dec14626a1e443caecc2300  openssh-clients-3.9p1-8.RHEL4.20.i386.rpm
f022d0b8cf19f1118fc7521142e7e71c  openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm
74c1c9b1293e8e46ecaf46db181d3a1b  openssh-server-3.9p1-8.RHEL4.20.i386.rpm

ia64:
063a012cb911cad11e1c6e1f700e46ab  openssh-3.9p1-8.RHEL4.20.ia64.rpm
67a3c8ab28bdcefe7b2fb957c933b996  openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm
ce81cfbef39e88997fd9084f04f46f26  openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm
c7bd82bac6e899e197ce59d4dc061d07  openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm
8bca6d06228a0250582fbb224e14f46b  openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm
9110321bf599bf3f29eaccaa32b7ce1d  openssh-server-3.9p1-8.RHEL4.20.ia64.rpm

x86_64:
61cd0299d5413094af7970856f7fffc8  openssh-3.9p1-8.RHEL4.20.x86_64.rpm
88464fef4b7393f7f081dc0c734bcd53  openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm
198d98b530ce9fbfe6dd6b3d3b38712c  openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm
1c3c86136815400a0713187d9f55315b  openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm
b242035b20927623270bb32fe531b5bd  openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm
e6b172814bfc7402996bf498a8f37634  openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
73cd43ad99e6b5eb626914bb65f11d70  openssh-3.9p1-8.RHEL4.20.src.rpm

i386:
355fb0d34d1207f6629f886f8cf3e6c4  openssh-3.9p1-8.RHEL4.20.i386.rpm
5b062f94d91ed8418c45745d8b285bd4  openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm
4c13962301e5f93492fcb02b7f01a7b1  openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm
029fa6c52dec14626a1e443caecc2300  openssh-clients-3.9p1-8.RHEL4.20.i386.rpm
f022d0b8cf19f1118fc7521142e7e71c  openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm
74c1c9b1293e8e46ecaf46db181d3a1b  openssh-server-3.9p1-8.RHEL4.20.i386.rpm

ia64:
063a012cb911cad11e1c6e1f700e46ab  openssh-3.9p1-8.RHEL4.20.ia64.rpm
67a3c8ab28bdcefe7b2fb957c933b996  openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm
ce81cfbef39e88997fd9084f04f46f26  openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm
c7bd82bac6e899e197ce59d4dc061d07  openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm
8bca6d06228a0250582fbb224e14f46b  openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm
9110321bf599bf3f29eaccaa32b7ce1d  openssh-server-3.9p1-8.RHEL4.20.ia64.rpm

x86_64:
61cd0299d5413094af7970856f7fffc8  openssh-3.9p1-8.RHEL4.20.x86_64.rpm
88464fef4b7393f7f081dc0c734bcd53  openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm
198d98b530ce9fbfe6dd6b3d3b38712c  openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm
1c3c86136815400a0713187d9f55315b  openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm
b242035b20927623270bb32fe531b5bd  openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm
e6b172814bfc7402996bf498a8f37634  openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2666
http://www.redhat.com/security/updates/classification/#low

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

RedHat: Low: openssh security and bug fix update

Updated openssh packages that fix a security issue and various bugs are now available

Summary



Summary

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This package includes the core files necessary for both the OpenSSH client and server. OpenSSH stores hostnames, IP addresses, and keys in plaintext in the known_hosts file. A local attacker that has already compromised a user's SSH account could use this information to generate a list of additional targets that are likely to have the same password or key. (CVE-2005-2666) The following bugs have also been fixed in this update: * The ssh client could abort the running connection when the server application generated a large output at once. * When 'X11UseLocalhost' option was set to 'no' on systems with IPv6 networking enabled, the X11 forwarding socket listened only for IPv6 connections. * When the privilege separation was enabled in /etc/ssh/sshd_config, some log messages in the system log were duplicated and also had timestamps from an incorrect timezone. All users of openssh should upgrade to these updated packages, which contain backported patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
162681 - CVE-2005-2666 openssh vulnerable to known_hosts address harvesting 184357 - buffer_append_space: alloc not supported Error 193710 - [PATCH] audit patch for openssh missing #include "loginrec.h" in auth.c 201594 - sshd does not create ipv4 listen socket for X11 forwarding 203671 - additional (time skewed) log entries in /var/log/secure since U4
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS: 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm
i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm
ia64: 063a012cb911cad11e1c6e1f700e46ab openssh-3.9p1-8.RHEL4.20.ia64.rpm 67a3c8ab28bdcefe7b2fb957c933b996 openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm ce81cfbef39e88997fd9084f04f46f26 openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm c7bd82bac6e899e197ce59d4dc061d07 openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm 8bca6d06228a0250582fbb224e14f46b openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm 9110321bf599bf3f29eaccaa32b7ce1d openssh-server-3.9p1-8.RHEL4.20.ia64.rpm
ppc: cac15ade9405e8ef47939842656b6f70 openssh-3.9p1-8.RHEL4.20.ppc.rpm 783a2f6121f3a7373e5f7d7048f95ecd openssh-askpass-3.9p1-8.RHEL4.20.ppc.rpm 2571d5eb1f66180cf8eebc281d7a41bd openssh-askpass-gnome-3.9p1-8.RHEL4.20.ppc.rpm 195d880c6af6314c807fd74249bc494c openssh-clients-3.9p1-8.RHEL4.20.ppc.rpm b8dfde972ad2d579e8ded57589cdf4f7 openssh-debuginfo-3.9p1-8.RHEL4.20.ppc.rpm 5bac6e49005be5b599254ab40e6582f1 openssh-server-3.9p1-8.RHEL4.20.ppc.rpm
s390: 7f2a4d71dde9957902770b5a8cbebb98 openssh-3.9p1-8.RHEL4.20.s390.rpm 6a768d4d2fb313e8e9536854f8980cff openssh-askpass-3.9p1-8.RHEL4.20.s390.rpm e0eed1c1b158d2b9f4265931ddfec2df openssh-askpass-gnome-3.9p1-8.RHEL4.20.s390.rpm d776bccdb065c52fee0820c2452e7909 openssh-clients-3.9p1-8.RHEL4.20.s390.rpm 1fcd5df3d202ceb6ddbf2decade7bd18 openssh-debuginfo-3.9p1-8.RHEL4.20.s390.rpm 05f4d043e3fd7993e041ac8af1954ffd openssh-server-3.9p1-8.RHEL4.20.s390.rpm
s390x: ee4dd7366a973d0cc074397ab44b3d36 openssh-3.9p1-8.RHEL4.20.s390x.rpm e521ced488fc72105e1591653855cfa0 openssh-askpass-3.9p1-8.RHEL4.20.s390x.rpm b3099fded8c796a4b7a26fc9918f8694 openssh-askpass-gnome-3.9p1-8.RHEL4.20.s390x.rpm 7b3894c6220efb08cd42e2ba41b97c24 openssh-clients-3.9p1-8.RHEL4.20.s390x.rpm 71b619d3ae4411c7ca6f557b342165e1 openssh-debuginfo-3.9p1-8.RHEL4.20.s390x.rpm 612e6fa71dd9d0b4a0abb84af6ad0e0d openssh-server-3.9p1-8.RHEL4.20.s390x.rpm
x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS: 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm
i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm
x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS: 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm
i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm
ia64: 063a012cb911cad11e1c6e1f700e46ab openssh-3.9p1-8.RHEL4.20.ia64.rpm 67a3c8ab28bdcefe7b2fb957c933b996 openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm ce81cfbef39e88997fd9084f04f46f26 openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm c7bd82bac6e899e197ce59d4dc061d07 openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm 8bca6d06228a0250582fbb224e14f46b openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm 9110321bf599bf3f29eaccaa32b7ce1d openssh-server-3.9p1-8.RHEL4.20.ia64.rpm
x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS: 73cd43ad99e6b5eb626914bb65f11d70 openssh-3.9p1-8.RHEL4.20.src.rpm
i386: 355fb0d34d1207f6629f886f8cf3e6c4 openssh-3.9p1-8.RHEL4.20.i386.rpm 5b062f94d91ed8418c45745d8b285bd4 openssh-askpass-3.9p1-8.RHEL4.20.i386.rpm 4c13962301e5f93492fcb02b7f01a7b1 openssh-askpass-gnome-3.9p1-8.RHEL4.20.i386.rpm 029fa6c52dec14626a1e443caecc2300 openssh-clients-3.9p1-8.RHEL4.20.i386.rpm f022d0b8cf19f1118fc7521142e7e71c openssh-debuginfo-3.9p1-8.RHEL4.20.i386.rpm 74c1c9b1293e8e46ecaf46db181d3a1b openssh-server-3.9p1-8.RHEL4.20.i386.rpm
ia64: 063a012cb911cad11e1c6e1f700e46ab openssh-3.9p1-8.RHEL4.20.ia64.rpm 67a3c8ab28bdcefe7b2fb957c933b996 openssh-askpass-3.9p1-8.RHEL4.20.ia64.rpm ce81cfbef39e88997fd9084f04f46f26 openssh-askpass-gnome-3.9p1-8.RHEL4.20.ia64.rpm c7bd82bac6e899e197ce59d4dc061d07 openssh-clients-3.9p1-8.RHEL4.20.ia64.rpm 8bca6d06228a0250582fbb224e14f46b openssh-debuginfo-3.9p1-8.RHEL4.20.ia64.rpm 9110321bf599bf3f29eaccaa32b7ce1d openssh-server-3.9p1-8.RHEL4.20.ia64.rpm
x86_64: 61cd0299d5413094af7970856f7fffc8 openssh-3.9p1-8.RHEL4.20.x86_64.rpm 88464fef4b7393f7f081dc0c734bcd53 openssh-askpass-3.9p1-8.RHEL4.20.x86_64.rpm 198d98b530ce9fbfe6dd6b3d3b38712c openssh-askpass-gnome-3.9p1-8.RHEL4.20.x86_64.rpm 1c3c86136815400a0713187d9f55315b openssh-clients-3.9p1-8.RHEL4.20.x86_64.rpm b242035b20927623270bb32fe531b5bd openssh-debuginfo-3.9p1-8.RHEL4.20.x86_64.rpm e6b172814bfc7402996bf498a8f37634 openssh-server-3.9p1-8.RHEL4.20.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2666 http://www.redhat.com/security/updates/classification/#low

Package List


Severity
Advisory ID: RHSA-2007:0257-02
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0257.html
Issued Date: : 2007-05-01
Updated on: 2007-05-01
Product: Red Hat Enterprise Linux
Keywords: syslog buffer length IPv6 X11 forwarding
CVE Names: CVE-2005-2666 Updated openssh packages that fix a security issue and various bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64


Bugs Fixed


Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
2.Motherboard Esm H320
2 - 3 min read
The recently uncovered "Native Branch History Injection (BHI)" exploit against the Linux kernel marks a significant milestone in the ongoing battle
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved