Name: | openssh |
---|---|
Version: | 7.4p1 |
Release: | 23.0.3.el7_9 |
Architecture: | aarch64 |
Group: | Applications/Internet |
Size: | 2099234 |
License: | BSD |
RPM: | openssh-7.4p1-23.0.3.el7_9.aarch64.rpm |
Source RPM: | openssh-7.4p1-23.0.3.el7_9.src.rpm |
Build Date: | Mon Feb 12 2024 |
Build Host: | build-ol7-aarch64.oracle.com |
Vendor: | Oracle America |
URL: | http://www.openssh.com/portable.html |
Summary: | An open source implementation of SSH protocol versions 1 and 2 |
Description: | SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both. |
- add KEX_INITIAL flag [Orabug: 36160445] - implement "strict key exchange" [CVE-2023-48795][Orabug: 36160445]
- enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation (openssh bz#3012) [Orabug: 30448895]
- Avoid remote code execution in ssh-agent PKCS#11 support Resolves: CVE-2023-38408
- avoid segfault in Kerberos cache cleanup (#1999263) - fix CVE-2021-41617 (#2008884)
- Avoid double comma in the default cipher list in FIPS mode (#1722446)
- Revert the updating of cached passwd structure (#1712053)
- Update cached passwd structure after PAM authentication (#1674541)
- invalidate supplemental group cache used by temporarily_use_uid() when the target uid differs (#1583735)
- Fix for CVE-2018-15473 (#1619079) - Enable GCM mode for AES ciphers in FIPS mode (#1600869)
- Fix for CVE-2017-15906 (#1517226)