ALSA-2024:0606

[ALSA-2024:0606] Moderate: openssh security update

Type:

security

Severity:

moderate

Release date:

2024-01-31

Description:

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)
* openssh: potential command injection via shell metacharacters (CVE-2023-51385)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	openssh-clients-8.0p1-19.el8_9.2.aarch64.rpm	0c0405a2ab61a34ba52a2b4c1e63c3b3ae60dd5e68cca6ce9d6342137461676e
aarch64	openssh-cavs-8.0p1-19.el8_9.2.aarch64.rpm	6131d47f0b5cbc0129056ed6349cc7f75046c410501d6b6a0982591b2ec7a159
aarch64	openssh-ldap-8.0p1-19.el8_9.2.aarch64.rpm	6e27fe8308776b15cc4bdec0153b27f20ec63870f7d471f4525a8415598d47d3
aarch64	openssh-server-8.0p1-19.el8_9.2.aarch64.rpm	70658efe495a4c8442c2cb52f7524877ebb12276c70672b5103a8ef8ef48de7f
aarch64	openssh-askpass-8.0p1-19.el8_9.2.aarch64.rpm	793fadb5d53d6b693d7ff1cf4ccf849d6ebab14ccac0cd506b7f88ee13d29a90
aarch64	openssh-8.0p1-19.el8_9.2.aarch64.rpm	8ef2ce0053ad48851ea3afa73749283a439c602c9340a4b4e45213e56268dad0
aarch64	pam_ssh_agent_auth-0.10.3-7.19.el8_9.2.aarch64.rpm	9c6b917e73600e98487bf45f17e761d9c8d731e1e005105860b0d53439861a97
aarch64	openssh-keycat-8.0p1-19.el8_9.2.aarch64.rpm	f9e102ed8b436509ae4ca5977e5f8c87a5bbf241a81902fc19c0e5bbd2c548ff
ppc64le	openssh-keycat-8.0p1-19.el8_9.2.ppc64le.rpm	0865cec118c71a01d693c27aca19569837dd18e61c8de82f1bc8974893b151dd
ppc64le	openssh-8.0p1-19.el8_9.2.ppc64le.rpm	1bff0654b186f7ad3fb843ad9d8418cf1ea2a8f08858efc35618e8dc6cf71aec
ppc64le	openssh-askpass-8.0p1-19.el8_9.2.ppc64le.rpm	23ffd81cfaf69f26834e9fbb3fe2f4b1f3090e8b5eca4ba53d33aab77e871de0
ppc64le	openssh-cavs-8.0p1-19.el8_9.2.ppc64le.rpm	7863968d2d5af1ff2c324ab3393196b0fca494b1cf51627425fa55e3a72c18f8
ppc64le	openssh-ldap-8.0p1-19.el8_9.2.ppc64le.rpm	b22a60fed625f372adf7f834e06d384cdfed8e58bccf1e32d201c40d1425aedb
ppc64le	openssh-server-8.0p1-19.el8_9.2.ppc64le.rpm	c286e252a66c8567214524ed8b30e62d53cc737ad513128d17e77c31595e2376
ppc64le	pam_ssh_agent_auth-0.10.3-7.19.el8_9.2.ppc64le.rpm	f68ae5b2ba14f198b1de8eca9a3b273ff5b3c9eef6a0124cb351e7c15a34c30b
ppc64le	openssh-clients-8.0p1-19.el8_9.2.ppc64le.rpm	fdcbe84d95d04260fdcbf1c7d8e8877ae66ee828e63f1e573a2983e06a05e42f
s390x	openssh-ldap-8.0p1-19.el8_9.2.s390x.rpm	4372aa95600584df9b139404b2d9063f589f8822162485e79b5667b0baf5bddc
s390x	openssh-server-8.0p1-19.el8_9.2.s390x.rpm	50621ed93920e66b206f6dce8905d86ffa1b3608ca0954c2b4efcd6281c80cdc
s390x	openssh-cavs-8.0p1-19.el8_9.2.s390x.rpm	52a825d267990593789f87e17d939edae3c6bc00e642c754e0d9b32bc659c434
s390x	openssh-clients-8.0p1-19.el8_9.2.s390x.rpm	7d0daff30c182c7c5d539773778eebad925591b24deb997a2a066126e51ded95
s390x	pam_ssh_agent_auth-0.10.3-7.19.el8_9.2.s390x.rpm	a584eb479f96748eab0029bbd4e20f53db384575511961a51e2024ad766f9583
s390x	openssh-8.0p1-19.el8_9.2.s390x.rpm	b2cd7da52dc8468ba1866bec643d975a254e46bed75e1e14f602464b65763009
s390x	openssh-keycat-8.0p1-19.el8_9.2.s390x.rpm	c1441055789e6b214145a230336830e10bc201488126b635ede36b873cb7ca66
s390x	openssh-askpass-8.0p1-19.el8_9.2.s390x.rpm	e2469a8a10496196e335b0449ebda83cffc9f4b27799585c6c5f5d158fbf380d
x86_64	openssh-cavs-8.0p1-19.el8_9.2.x86_64.rpm	2a001b6e918caef30bc528bac72a755caa08a562a8d6ba24d58a5e6d68d99f9d
x86_64	pam_ssh_agent_auth-0.10.3-7.19.el8_9.2.x86_64.rpm	53a8a13a560fe0e114175cc0bdd7e6cc26fa49c4f45ac57048bd548a11bbb69f
x86_64	openssh-clients-8.0p1-19.el8_9.2.x86_64.rpm	54006c9670b980ebf37f3d9afa6c55cd21b2f7a4e52b4103bc49f1125d81f933
x86_64	openssh-askpass-8.0p1-19.el8_9.2.x86_64.rpm	9e8f59a2ba14c15b29e64b7fd6f840c5a800a595362063578c6d7f047871a8fe
x86_64	openssh-server-8.0p1-19.el8_9.2.x86_64.rpm	a6980838e3a9550e4bd436a8052ec64954b3b27758c23a654cb6c67dc8c83428
x86_64	openssh-keycat-8.0p1-19.el8_9.2.x86_64.rpm	aa8390b928866e7100f3e0e7da38c05e34f286b9ee15b3914bcdf9ffe5d02fae
x86_64	openssh-8.0p1-19.el8_9.2.x86_64.rpm	c05724680b503f7224450853ca38ab10459e356eb5a1d8d11fa7689ce4f4ebe3
x86_64	openssh-ldap-8.0p1-19.el8_9.2.x86_64.rpm	c26b62d5fd9ec3020292f41188dc82a4a26bbe16c4d01bca0c50f2e83ca89dad

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.