[ol7_latest_archive] openssh-6.6.1p1-25.el7_2.x86_64

Name:	openssh
Version:	6.6.1p1
Release:	25.el7_2
Architecture:	x86_64
Group:	Applications/Internet
Size:	1450050
License:	BSD
RPM:	openssh-6.6.1p1-25.el7_2.x86_64.rpm
Source RPM:	openssh-6.6.1p1-25.el7_2.src.rpm
Build Date:	Mon Mar 21 2016
Build Host:	x86-ol7-builder-02.us.oracle.com
Vendor:	Oracle America
URL:	http://www.openssh.com/portable.html
Summary:	An open source implementation of SSH protocol versions 1 and 2
Description:	SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both.

Changelog (Show File list) (Show related packages)

Wed Mar 16 2016 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-25 + 0.9.3-9

- CVE-2016-1908: possible fallback from untrusted to trusted X11 forwarding (#1298741)

Tue Mar 15 2016 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-24 + 0.9.3-9

- CVE-2016-3115: missing sanitisation of input for X11 forwarding (#1317818)

Wed Jan 13 2016 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-23 + 0.9.3-9

- Disable undocumented feauture Roaming for good (#1298218)
- prevents CVE-2016-0777 and CVE-2016-0778

Fri Sep 25 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-22 + 0.9.3-9
```
- Use the correct constant for glob limits (#1160377)
```

Thu Sep 24 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-21 + 0.9.3-9

- Extend memory limit for remote glob in sftp acc. to stat limit (#1160377)

Thu Sep 24 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-20 + 0.9.3-9

- Fix vulnerabilities published with openssh-7.0 (#1265807)
 - Privilege separation weakness related to PAM support
 - Use-after-free bug related to PAM support

Thu Sep 24 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-19 + 0.9.3-9
```
- Increase limit of files for glob match in sftp to 8192 (#1160377)
```

Tue Aug 18 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-18 + 0.9.3-9

- Add GSSAPIKexAlgorithms option for server and client application (#1253062)

Wed Jul 29 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-17 + 0.9.3-9

- Security fixes released with openssh-6.9 (CVE-2015-5352) (#1247864)
 - XSECURITY restrictions bypass under certain conditions in ssh(1) (#1238231)
 - weakness of agent locking (ssh-add -x) to password guessing (#1238238)

Mon Jul 27 2015 Jakub Jelen <jjelen@redhat.com> 6.6.1p1-16 + 0.9.3-9

- only query each keyboard-interactive device once (CVE-2015-5600) (#1245971)