openssh-8.0p1-19.el8

エラータID: AXSA:2023-6282:09

Release date: 
Wednesday, August 2, 2023 - 11:52
Subject: 
openssh-8.0p1-19.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

* openssh: Remote code execution in ssh-agent PKCS#11 support (CVE-2023-38408)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.

Solution: 

Update packages.

CVEs: 
CVE-2023-38408
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Additional Info: 

N/A

Download: 

SRPMS
  1. openssh-8.0p1-19.el8.src.rpm
    MD5: f3b6a085cbecb6bf2c5d6dae1e6ce0b6
    SHA-256: 3e784e60c65a016135a5eeaf0bd1f3da1091725c4483e49a696a2a6c59ea20bd
    Size: 2.88 MB

Asianux Server 8 for x86_64
  1. openssh-8.0p1-19.el8.x86_64.rpm
    MD5: f0884705e58b1d9be4634de5dea7bdb5
    SHA-256: 363999b5883a60f57b9330cd27cadc3d3e6901fa720e4709f551fb0b87fe760d
    Size: 522.61 kB
  2. openssh-askpass-8.0p1-19.el8.x86_64.rpm
    MD5: 5d39e9b3febf0efc2140c09235c9cd04
    SHA-256: 62ce5d3e43cdedb8c47571896a2224902eac2329697fe4b08c85d4dacedbd56a
    Size: 93.22 kB
  3. openssh-cavs-8.0p1-19.el8.x86_64.rpm
    MD5: 62c31e25f848871b66bf4088b60ef886
    SHA-256: 465e1d9afde5650b0417baeec9a691a428462e44f235df1ede706354796bdc82
    Size: 231.38 kB
  4. openssh-clients-8.0p1-19.el8.x86_64.rpm
    MD5: 7a09a85d3dde18f77e9b4395c333c785
    SHA-256: c2c0bee9031ccbc1cfa660d1b8ad1065400ee3c805ff3f2084f10a0f030fecb8
    Size: 667.95 kB
  5. openssh-keycat-8.0p1-19.el8.x86_64.rpm
    MD5: 12fefc08b3361582955eed775d46e9e2
    SHA-256: 7784d27ebb28e449b732e49c03a4cf4a85c235053cc6e81f0810be020a3b7a6a
    Size: 116.50 kB
  6. openssh-ldap-8.0p1-19.el8.x86_64.rpm
    MD5: 592d764968afeab30c7ce4f9f32241ec
    SHA-256: 188f55478668141d1bcfdee28574f5bd50b9fca28f2dc2cf0e6aefe847510524
    Size: 132.39 kB
  7. openssh-server-8.0p1-19.el8.x86_64.rpm
    MD5: 2d8485c3693bd16686995fbbaaa59448
    SHA-256: 30761bd2245e7937b3d1cefb4210e1e2d08f4dbb484591e26d98ebf45de1e943
    Size: 491.83 kB
  8. pam_ssh_agent_auth-0.10.3-7.19.el8.x86_64.rpm
    MD5: 5911497cd710ae987f1780c1c0658659
    SHA-256: e228efb8f215a23d8fa06bbcfca94e5191163840ed7fb9f97a40cb7c8180ba4d
    Size: 208.05 kB