このコンテンツは選択した言語では利用できません。

1.144. openssh


1.144.1. RHBA-2009:1668: bug fix update

Note

This update has already been released (prior to the GA of this release) as errata RHBA-2009:1668
Updated openssh packages that fix a bug are now available.
OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server.
These updated openssh packages fix the following bug:
* when sshd, the SSH daemon, used multiple SFTP channels simultaneously, each SFTP cthannel leaked a UNIX socket. This leak could eventually cause sshd to consume large amounts of system resources. This update fixes the leak by ensuring that every SFTP channel closes the UNIX socket, with the result that using SFTP with multiple simultaneous channels does not cause sshd to monopolize system resources. (BZ#537348)
All users of openssh are advised to upgrade to these updated packages, which resolve this issue.

1.144.2. RHBA-2010:0123: bug fix update

Note

This update has already been released (prior to the GA of this release) as errata RHBA-2010:0123
Updated openssh packages that resolve an issue are now available.
OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server.
These updated openssh packages fix the following bug:
* in order to comply with the FIPS 140-2 standard, Security Requirements for Cryptographic Modules, RAND_cleanup() function calls were added to places where processes, and their child processes, exited, in both the ssh program and the sshd service. (BZ#561420)
All users of openssh are advised to upgrade to these updated packages, which resolve this issue.

1.144.3. RHSA-2009:1470: Moderate security update

Important

This update has already been released (prior to the GA of this release) as the security errata RHSA-2009:1470
Updated openssh packages that fix a security issue are now available for Red Hat Enterprise Linux 5.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server.
A Red Hat specific patch used in the openssh packages as shipped in Red Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened certain ownership requirements for directories used as arguments for the ChrootDirectory configuration options. A malicious user that also has or previously had non-chroot shell access to a system could possibly use this flaw to escalate their privileges and run commands as any system user. (CVE-2009-2904)
All OpenSSH users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.

1.144.4. RHBA-2010:0193: bug fix update

Updated openssh packages that fix various bugs and add an enhancement are now available.
OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These packages include the core files necessary for both the OpenSSH client and server.
These packages address the following bugs:
* When sshd used multiple SFTP channels simultaneously, each SFTP channel leaked a unix socket. This socket leak could have eventually caused the sshd daemon to monopolize system resources. The bug has been fixed with these updated packages by ensuring that there is no socket leak within a subsystem. (BZ#530358)
* If a zero length SSH2 DSA key existed, the ssh init script would hang. This issue has been fixed by allowing the ssh init script to automatically overwrite any zero length keys that exist. The ssh init script now functions as expected, even if a zero length key exists before execution of the script. (BZ#531738)
As well, these updated packages add the following enhancement:
* A call to RAND_cleanup() has been added to ssh and sshd to clean the PRNG status when exiting the program. This enhancement also ensures FIPS-140-2 compliance. (BZ#557164)
All openssh users should upgrade to these updated packages, which resolve these issues.
Red Hat logoGithubRedditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

© 2024 Red Hat, Inc.