[ol9_baseos_latest] openssh-8.7p1-38.0.2.el9.x86_64

Name:	openssh
Version:	8.7p1
Release:	38.0.2.el9
Architecture:	x86_64
Group:	Unspecified
Size:	1992076
License:	BSD
RPM:	openssh-8.7p1-38.0.2.el9.x86_64.rpm
Source RPM:	openssh-8.7p1-38.0.2.el9.src.rpm
Build Date:	Mon Jul 01 2024
Build Host:	build-ol9-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssh.com/portable.html
Summary:	An open source implementation of SSH protocol version 2
Description:	SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both.

Changelog (Show File list) (Show related packages)

Wed Jun 26 2024 Alex Burmashev <alexander.burmashev@oracle.com> - 8.7p1-38.0.2

- Restore dropped earlier ifdef condition for safe _exit(1) call in sshsigdie() [Orabug: 36783468]
  Resolves CVE-2024-6387

Wed May 01 2024 Alex Burmashev <alexander.burmashev@oracle.com> - 8.7p1-38.0.1
```
- Update upstream references [Orabug: 36564626]
```
Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
```
- Fix Terrapin attack
  Resolves: CVE-2023-48795
```
Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-37
```
- Fix Terrapin attack
  Resolves: CVE-2023-48795
```

Wed Dec 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-36

- Fix Terrapin attack
  Resolves: CVE-2023-48795
- Relax OpenSSH build-time checks for OpenSSL version
  Related: RHEL-4734
- Forbid shell metasymbols in username/hostname
  Resolves: CVE-2023-51385

Mon Oct 23 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-35

- Relax OpenSSH checks for OpenSSL version
  Resolves: RHEL-4734
- Limit artificial delays in sshd while login using AD user
  Resolves: RHEL-2469
- Move users/groups creation logic to sysusers.d fragments
  Resolves: RHEL-5222

Thu Jul 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-34

- Avoid remote code execution in ssh-agent PKCS#11 support
  Resolves: CVE-2023-38408

Tue Jun 13 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-33

- Allow specifying validity interval in UTC
  Resolves: rhbz#2115043

Wed May 24 2023 Norbert Pocs <npocs@redhat.com> - 8.7p1-32

- Fix pkcs11 issue with the recent changes
- Delete unnecessary log messages from previous compl-dh patch
- Add ssh_config man page explanation on rhbz#2068423
- Resolves: rhbz#2207793, rhbz#2209096

Tue May 16 2023 Norbert Pocs <npocs@redhat.com> - 8.7p1-31

- Fix minor issues with openssh-8.7p1-evp-fips-compl-dh.patch:
- Check return values
- Use EVP API to get the size of DH
- Add some log debug lines
- Related: rhbz#2091694