openssh-7.4p1-22.el7

エラータID: AXSA:2021-2564:02

Release date: 
Wednesday, November 24, 2021 - 06:09
Subject: 
openssh-7.4p1-22.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX,
and similar operating systems. It includes the core files necessary for both the
OpenSSH client and server.

Security Fix(es):

* openssh: privilege escalation when AuthorizedKeysCommand or
AuthorizedPrincipalsCommand are configured (CVE-2021-41617)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default
configurations are used, allows privilege escalation because supplemental groups
are not initialized as expected. Helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand may run with privileges associated with group
memberships of the sshd process, if the configuration specifies running the
command as a different user.

Solution: 

Update packages.

CVEs: 
CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user.
Additional Info: 

N/A

Download: 

SRPMS
  1. openssh-7.4p1-22.el7.src.rpm
    MD5: 255e2cad7dfba47e013a9f722a6879b7
    SHA-256: bb997b854c341c003c11d8be0813f11a0338f127caeb24bdd38b30cd41b6c21b
    Size: 2.73 MB

Asianux Server 7 for x86_64
  1. openssh-7.4p1-22.el7.x86_64.rpm
    MD5: 9f4632658ad4981cd52b00e9972bf820
    SHA-256: f72827f0e6518cc8211ff13a4a80c8b81ce64d6a04efe3c75d13d7d88c6aefdf
    Size: 509.07 kB
  2. openssh-askpass-7.4p1-22.el7.x86_64.rpm
    MD5: 0cff09af75133359888153eed0814b99
    SHA-256: 6e35e2092fc307ea96246c1337a484f85672c4b312277d0a179e393f2a9ec5e8
    Size: 76.11 kB
  3. openssh-clients-7.4p1-22.el7.x86_64.rpm
    MD5: 2b844acdc794e47e56ccfffb82b391d2
    SHA-256: 3053ccc309cff9658717027665066595a5fa8d05a3eefe4c44035ff223de30aa
    Size: 653.69 kB
  4. openssh-keycat-7.4p1-22.el7.x86_64.rpm
    MD5: bccbe7224ca190e4592b5a138a9ff24c
    SHA-256: 2bc9692615f4fff7d43c426f5d58051af3bdcf3f41cc7d5ff4ad52a6895240e1
    Size: 96.42 kB
  5. openssh-server-7.4p1-22.el7.x86_64.rpm
    MD5: 1c76c37a46bcf0d60a17882ad5d0d334
    SHA-256: 30df47b2768facdb0dceb1b63a53dc1cd2f9eb7069ff230c5317832082164aff
    Size: 458.36 kB