openssh-6.6.1p1-25.el7

エラータID: AXSA:2016-146:02

Release date: 
Tuesday, March 22, 2016 - 05:03
Subject: 
openssh-6.6.1p1-25.el7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
Moderate
Description: 

SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

Security issues fixed with this release:

CVE-2016-1908
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-3115
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.

Solution: 

Update packages.

CVEs: 
CVE-2016-1908
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues on this X11 server, as demonstrated by lack of the SECURITY extension on this X11 server.
CVE-2016-3115
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.
Additional Info: 

N/A

Download: 

SRPMS
  1. openssh-6.6.1p1-25.el7.src.rpm
    MD5: 73b36959320ea389530b64df92c7860e
    SHA-256: 83b73376e33be9bc6a8593bc7fa63970a53a06342c98577a245dffdab17acdf7
    Size: 1.71 MB

Asianux Server 7 for x86_64
  1. openssh-6.6.1p1-25.el7.x86_64.rpm
    MD5: 685fafb4ca5c542ee1d1cdeab75248cb
    SHA-256: c45affb27ffcfa3b1630585d06ae47c36ab76790b777e6138e1267b347f8c268
    Size: 434.04 kB
  2. openssh-askpass-6.6.1p1-25.el7.x86_64.rpm
    MD5: fcd32a9eb9de8d8ec6704b94b4b0886e
    SHA-256: 49b91eb1b066a3343fe539963247fae6dcef0cb3069e1e5d28f52cc072ffa237
    Size: 70.97 kB
  3. openssh-clients-6.6.1p1-25.el7.x86_64.rpm
    MD5: 503b2aa5dbdc773ea03aa6270f4f2f7d
    SHA-256: dbc488bb4c7ca1f18bb08824672529ba0a8aa6e6e47168386d1e8d5910e6ca19
    Size: 638.32 kB
  4. openssh-keycat-6.6.1p1-25.el7.x86_64.rpm
    MD5: 1915cd9c392dd4b49bac9dc824326363
    SHA-256: 94c7c6a85bf5ee31e50b194943fb27bc4ea9d979324849093c3a1896279d6fa1
    Size: 85.41 kB
  5. openssh-server-6.6.1p1-25.el7.x86_64.rpm
    MD5: fd383637487fb568fb355dd2e8d3f2e6
    SHA-256: e2b9e906e16678a0e30c3dbfefbbbfbb829aeb17224acdab80848266bcde9098
    Size: 435.27 kB