Bug Fix Advisory openssh bug fix and enhancement update

Advisory: RHBA-2009:0209-3
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-01-20
Last updated on: 2009-01-20
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
OVAL: N/A

Details

Updated openssh packages that fix a bug and add various enhancements are
now available.

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. These
packages include the core files necessary for both the OpenSSH client and
server.

These updated packages fix a bug in which the 'service sshd status' command
sometimes incorrectly indicated that the sshd daemon was running even when
it was not. In these updated packages, requesting the status of the sshd
daemon works as expected, thus resolving the issue.

In addition, these updated packages provide the following enhancements:

* the server daemon and the client utilities now contain changes which
allow using the OpenSSH client and server with the FIPS-140-2-validated
OpenSSL library running in FIPS (Federal Information Processing Standard) mode.

* the performance of scp and sftp file transfers was improved over
high-latency, high-bandwidth connections.

* the sftp server now allows logging of the file transfer commands issued.

* the scp(1) manual page has been improved by the addition of more detailed
information.

Users are advised to upgrade to these updated openssh packages, which
resolve this issue and add these enhancements.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Enterprise Linux (v. 5 server)
SRPMS:
openssh-4.3p2-29.el5.src.rpm
File outdated by:  RHSA-2009:1470		     1a2f7503182d322e51060a1db117aff8
 
IA-32:
openssh-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     23f4888d511e0c2900baea0d80e331eb
openssh-askpass-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     4b516b43ad6774e1ddceb519b2f748e0
openssh-clients-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     a00bb7b7f10e6f59872af0e0a099f6b0
openssh-server-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     9a590c3867fe23002960d53bcc540172
 
IA-64:
openssh-4.3p2-29.el5.ia64.rpm
File outdated by:  RHSA-2009:1470		     578c57b31ffb1fe35ba076f8149367ec
openssh-askpass-4.3p2-29.el5.ia64.rpm
File outdated by:  RHSA-2009:1470		     b82258dd1fda9810e16af0b4ac6fbfdb
openssh-clients-4.3p2-29.el5.ia64.rpm
File outdated by:  RHSA-2009:1470		     418be5a457457d7400ffccad0ca9f811
openssh-server-4.3p2-29.el5.ia64.rpm
File outdated by:  RHSA-2009:1470		     cfec8490e2cf4b56049fdefdbd383290
 
PPC:
openssh-4.3p2-29.el5.ppc.rpm
File outdated by:  RHSA-2009:1470		     cc2909a7f5a0bab2b1c7c66a1f107e3b
openssh-askpass-4.3p2-29.el5.ppc.rpm
File outdated by:  RHSA-2009:1470		     d971412138fb4cf48cafe6a4c8bc489e
openssh-clients-4.3p2-29.el5.ppc.rpm
File outdated by:  RHSA-2009:1470		     931e8ff69beeda12da3196704d53b3bd
openssh-server-4.3p2-29.el5.ppc.rpm
File outdated by:  RHSA-2009:1470		     5113a07b86633dbbc702280ba2b9665e
 
s390x:
openssh-4.3p2-29.el5.s390x.rpm
File outdated by:  RHSA-2009:1470		     8237c29f6db441c2808761b63461ee7c
openssh-askpass-4.3p2-29.el5.s390x.rpm
File outdated by:  RHSA-2009:1470		     41e6d0cee3d12719094c3f6107e73ae2
openssh-clients-4.3p2-29.el5.s390x.rpm
File outdated by:  RHSA-2009:1470		     423651ba13042beb80acd0326c130dac
openssh-server-4.3p2-29.el5.s390x.rpm
File outdated by:  RHSA-2009:1470		     739fe90e46b68ac0a6fb81b0c838adf5
 
x86_64:
openssh-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     0fb2d41e6763993a588d42e7b28f4912
openssh-askpass-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     2fb5170e74c7484675f90b005aa94210
openssh-clients-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     5b2a48cbd197570f5632055abbb108bd
openssh-server-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     5a9b40be2b965c2c1125b1a9da217e55
 
Red Hat Enterprise Linux Desktop (v. 5 client)
SRPMS:
openssh-4.3p2-29.el5.src.rpm
File outdated by:  RHSA-2009:1470		     1a2f7503182d322e51060a1db117aff8
 
IA-32:
openssh-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     23f4888d511e0c2900baea0d80e331eb
openssh-askpass-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     4b516b43ad6774e1ddceb519b2f748e0
openssh-clients-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     a00bb7b7f10e6f59872af0e0a099f6b0
openssh-server-4.3p2-29.el5.i386.rpm
File outdated by:  RHSA-2009:1470		     9a590c3867fe23002960d53bcc540172
 
x86_64:
openssh-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     0fb2d41e6763993a588d42e7b28f4912
openssh-askpass-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     2fb5170e74c7484675f90b005aa94210
openssh-clients-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     5b2a48cbd197570f5632055abbb108bd
openssh-server-4.3p2-29.el5.x86_64.rpm
File outdated by:  RHSA-2009:1470		     5a9b40be2b965c2c1125b1a9da217e55
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

430877 - 'service sshd status' is broken
433381 - Slight addition to the "scp" man page


Keywords

FIPS, latency, log, scp, sftp, speed, status

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/