ALSA-2023:2645

[ALSA-2023:2645] Moderate: openssh security update

Type:

security

Severity:

moderate

Release date:

2023-05-11

Description:

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

* openssh: the functions order_hostkeyalgs() and list_hostkey_types() leads to double-free vulnerability (CVE-2023-25136)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	openssh-clients-8.7p1-29.el9_2.aarch64.rpm	0c38f3e64a9e36c4366a82d5a720220b76030d9a7fa925510607f93e9169f5c6
aarch64	openssh-keycat-8.7p1-29.el9_2.aarch64.rpm	4f528dba750dcc17bf2a0e99b668c8d4b098367ae06df3975c35253f1f2916c1
aarch64	openssh-server-8.7p1-29.el9_2.aarch64.rpm	56445e319a92a77762bbf6a06ebd520a65419c2ef754ae485f01968a12120b7f
aarch64	pam_ssh_agent_auth-0.10.4-5.29.el9_2.aarch64.rpm	7b55dda7a8081f8fc34a71da040b7ddc19986775ed2d39537d77dd173eb0f076
aarch64	openssh-8.7p1-29.el9_2.aarch64.rpm	955c10ce9dcf00ed60b6769f26e987392bc1c6674bb74637b8d39b62b610bd8e
aarch64	openssh-askpass-8.7p1-29.el9_2.aarch64.rpm	fdd4abd440516fc5bf08e0978e24a6611b4481a7e20e182d1cfb034590cd3537
ppc64le	openssh-keycat-8.7p1-29.el9_2.ppc64le.rpm	044df30fe9985057856128adebffda5766be25fe6ee4c1486d8a23df8d4c077f
ppc64le	openssh-clients-8.7p1-29.el9_2.ppc64le.rpm	0d1edc33f4a7994f2f19adfdb864a0085cf6e487e5596a0a75ebba70d50de63d
ppc64le	openssh-server-8.7p1-29.el9_2.ppc64le.rpm	58940f938512a0320739ec1d661f8f7a2ad1d5187cbbf8f4b69d5470fe6bf9c4
ppc64le	openssh-askpass-8.7p1-29.el9_2.ppc64le.rpm	ac8d7adac343f07cd1f77c3ea7ad0f266f99394bddabe0369152f58d78a32b33
ppc64le	openssh-8.7p1-29.el9_2.ppc64le.rpm	b5091f11b8f763daa2a476ef371bba513a75c30ed0c1bf73b0f5cd6510ad0fff
ppc64le	pam_ssh_agent_auth-0.10.4-5.29.el9_2.ppc64le.rpm	cdc5eb520abb521ab0ae15c7396cf566097675727025cdb66fc477af1f462811
s390x	pam_ssh_agent_auth-0.10.4-5.29.el9_2.s390x.rpm	4004e98e49aa53a83f884bb9b8711cb371e808289bb752c92929b945d513a984
s390x	openssh-askpass-8.7p1-29.el9_2.s390x.rpm	9cae5e29760b400424102654aa8957ea047b2f7ad45bc7c28dd4f164abe1724c
s390x	openssh-8.7p1-29.el9_2.s390x.rpm	a0337912654a7c5236f0d2d0f1a0ad9dc41810dab1c00f0340e427d88e60ecf4
s390x	openssh-clients-8.7p1-29.el9_2.s390x.rpm	bd3a42bcad078fd49f7171b1ce30ee37cf7c59aafd4b160b5da0d43016473c62
s390x	openssh-keycat-8.7p1-29.el9_2.s390x.rpm	f1256e6d2030dba0115324b4961ef02f491f606adef26f2a466a4cf3b47d44e5
s390x	openssh-server-8.7p1-29.el9_2.s390x.rpm	f1574fab4aaae6684a54cc9498e940986d434859c8604b7f8699f65c38ffc92a
x86_64	openssh-keycat-8.7p1-29.el9_2.x86_64.rpm	0bce5b0452e904f8ffd06bf3efede63bebbacf900047fe8dfb375ebd35845b97
x86_64	openssh-8.7p1-29.el9_2.x86_64.rpm	38098e17d4f19556dad5beabe1a7e4f2c2b369235be4601a347ba0e6f58dbe0a
x86_64	openssh-clients-8.7p1-29.el9_2.x86_64.rpm	4ce0d9a948600e73166abbdf9e2f4bb39f58914ccf9ac3745c01757933c56533
x86_64	pam_ssh_agent_auth-0.10.4-5.29.el9_2.x86_64.rpm	baebe1ac8390c4d7e3cc6e90427935d75eb04c464115480d7d41a7d294ba37f7
x86_64	openssh-server-8.7p1-29.el9_2.x86_64.rpm	c8ec20467a3d9a8c48a0a99b46667d8ce9be2fead5415eacb2bed43ca8676bb6
x86_64	openssh-askpass-8.7p1-29.el9_2.x86_64.rpm	f804c3c719b95c5f6e9ff7dd2e6adf242bd8be9a0c3081e07565cb6048783b66

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.