Skip to navigation

Security Advisory Critical: openssh security update

Advisory: RHSA-2008:0855-6
Type: Security Advisory
Severity: Critical
Issued on: 2008-08-22
Last updated on: 2008-08-22
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.5.z)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.5.z)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux EUS (v. 5.2.z server)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2007-4752
CVE-2008-3844

Details

Updated openssh packages are now available for Red Hat Enterprise Linux 4,
Red Hat Enterprise Linux 5, and Red Hat Enterprise Linux 4.5 Extended
Update Support.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation.

Last week Red Hat detected an intrusion on certain of its computer systems
and took immediate action. While the investigation into the intrusion is
on-going, our initial focus was to review and test the distribution
channel we use with our customers, Red Hat Network (RHN) and its associated
security measures. Based on these efforts, we remain highly confident that
our systems and processes prevented the intrusion from compromising RHN or
the content distributed via RHN and accordingly believe that customers who
keep their systems updated using Red Hat Network are not at risk. We are
issuing this alert primarily for those who may obtain Red Hat binary
packages via channels other than those of official Red Hat subscribers.

In connection with the incident, the intruder was able to sign a small
number of OpenSSH packages relating only to Red Hat Enterprise Linux 4
(i386 and x86_64 architectures only) and Red Hat Enterprise Linux 5 (x86_64
architecture only). As a precautionary measure, we are releasing an
updated version of these packages, and have published a list of the
tampered packages and how to detect them at
http://www.redhat.com/security/data/openssh-blacklist.html

To reiterate, our processes and efforts to date indicate that packages
obtained by Red Hat Enterprise Linux subscribers via Red Hat Network are
not at risk.

These packages also fix a low severity flaw in the way ssh handles X11
cookies when creating X11 forwarding connections. When ssh was unable to
create untrusted cookie, ssh used a trusted cookie instead, possibly
allowing the administrative user of a untrusted remote server, or untrusted
application run on the remote server, to gain unintended access to a users
local X server. (CVE-2007-4752)


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
openssh-3.9p1-11.el4_7.src.rpm
File outdated by:  RHEA-2010:0511
    MD5: f304fb1e487ff288c58c8ba145522260
 
IA-32:
openssh-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: a3745b401b8bf799995f538664dc5410
openssh-askpass-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 46a57c34b0622b707d43b7a6f6c7f78f
openssh-askpass-gnome-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 2388390ef6e6de4cbd81a80b2113f83f
openssh-clients-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8a9be029b461791fa76ad5579b3a16a4
openssh-server-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: e56217ce16770762e3fa21774c1de76b
 
x86_64:
openssh-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8b1ad8f4b1fe14374a21125d611764cc
openssh-askpass-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 622b19c35678698a9603a97fd086d949
openssh-askpass-gnome-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 1968d276a2d706815823836e68255ecf
openssh-clients-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: daed1dac216199e66bf9931efe238775
openssh-server-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: d4075dbe534d6ec4c5deb56d26e83cf9
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
openssh-4.3p2-26.el5_2.1.src.rpm
File outdated by:  RHBA-2012:0237
    MD5: 61827881d43a6f3a5072de9638a7e4f8
 
IA-32:
openssh-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 85a5393d6aea46770d5c98f52df57f1b
openssh-askpass-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 8fdb0b9008283a439936a59841033bdf
openssh-clients-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 5dd2e639064a40c20d274325f074c68d
openssh-server-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 851e2daf6d1e05d55a9128ecb7669b8a
 
IA-64:
openssh-4.3p2-26.el5_2.1.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 39e09ad473f5b9d33d63434382d7fd11
openssh-askpass-4.3p2-26.el5_2.1.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: ba23caf23586057b159f684b9a840d46
openssh-clients-4.3p2-26.el5_2.1.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: e36e7cf756150d87e5dae6529139f708
openssh-server-4.3p2-26.el5_2.1.ia64.rpm
File outdated by:  RHBA-2012:0237
    MD5: e1465beb1ff34f83ef4363785ae6fa8e
 
PPC:
openssh-4.3p2-26.el5_2.1.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: 74addaaa7e16369fbca0755751c8f8ec
openssh-askpass-4.3p2-26.el5_2.1.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: d98649e557f30b7a0ab8068707144606
openssh-clients-4.3p2-26.el5_2.1.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: 7a0990ce21eed0ef39d25dea1a74a23a
openssh-server-4.3p2-26.el5_2.1.ppc.rpm
File outdated by:  RHBA-2012:0237
    MD5: 84d4187f9465ab3a0fb7953b15b356e5
 
s390x:
openssh-4.3p2-26.el5_2.1.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: 12b68257fc37784e744591d064d5c719
openssh-askpass-4.3p2-26.el5_2.1.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: 2278ac4619fe16785d2e6427efb34d87
openssh-clients-4.3p2-26.el5_2.1.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: 41e1b8e3256fa8e172d78f1be169926a
openssh-server-4.3p2-26.el5_2.1.s390x.rpm
File outdated by:  RHBA-2012:0237
    MD5: d8a848791761b53803476c92f24aa96e
 
x86_64:
openssh-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 3ceed19221eb1ed06197567b59671777
openssh-askpass-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 1339ea81c34ef44df71415777ed22007
openssh-clients-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 3fb6de8242dc79caa64bcf086fa853df
openssh-server-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: b9492b17ea51e6a5faab054aa755e4a1
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
openssh-3.9p1-11.el4_7.src.rpm
File outdated by:  RHEA-2010:0511
    MD5: f304fb1e487ff288c58c8ba145522260
 
IA-32:
openssh-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: a3745b401b8bf799995f538664dc5410
openssh-askpass-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 46a57c34b0622b707d43b7a6f6c7f78f
openssh-askpass-gnome-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 2388390ef6e6de4cbd81a80b2113f83f
openssh-clients-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8a9be029b461791fa76ad5579b3a16a4
openssh-server-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: e56217ce16770762e3fa21774c1de76b
 
IA-64:
openssh-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: bfadc08c479f7e3a472fc231de99f875
openssh-askpass-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 323b31dee9d7c3ed817849217e9230a2
openssh-askpass-gnome-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8abf2ebb5cfc2077573664fda4878a07
openssh-clients-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 24d2df09a5c3424393e2f60d0dab21f7
openssh-server-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: be71a22f9998075e52f807ac52b526ea
 
PPC:
openssh-3.9p1-11.el4_7.ppc.rpm
File outdated by:  RHEA-2010:0511
    MD5: c2ff5d24d3f0a47874469234ca517ab9
openssh-askpass-3.9p1-11.el4_7.ppc.rpm
File outdated by:  RHEA-2010:0511
    MD5: 0ff871ce740ddb80cdf306b6a851ae1a
openssh-askpass-gnome-3.9p1-11.el4_7.ppc.rpm
File outdated by:  RHEA-2010:0511
    MD5: 9934ea584f4f971d97af25a570e871e8
openssh-clients-3.9p1-11.el4_7.ppc.rpm
File outdated by:  RHEA-2010:0511
    MD5: 2478925b2528f7db51d4647cb520632e
openssh-server-3.9p1-11.el4_7.ppc.rpm
File outdated by:  RHEA-2010:0511
    MD5: bb302cc799a56ec1775dd090791f6f4b
 
s390:
openssh-3.9p1-11.el4_7.s390.rpm
File outdated by:  RHEA-2010:0511
    MD5: 4e816787e1de1205f892b4326c0765d0
openssh-askpass-3.9p1-11.el4_7.s390.rpm
File outdated by:  RHEA-2010:0511
    MD5: bbdb4b69a87f767667b4c70786de6c1a
openssh-askpass-gnome-3.9p1-11.el4_7.s390.rpm
File outdated by:  RHEA-2010:0511
    MD5: e8e413497ca2220c9187aef1fda652b7
openssh-clients-3.9p1-11.el4_7.s390.rpm
File outdated by:  RHEA-2010:0511
    MD5: 01ff12db9ec3bc8106d988780ac1c481
openssh-server-3.9p1-11.el4_7.s390.rpm
File outdated by:  RHEA-2010:0511
    MD5: f1e82aa9a506fbc4cb3562babf765dc3
 
s390x:
openssh-3.9p1-11.el4_7.s390x.rpm
File outdated by:  RHEA-2010:0511
    MD5: 5d5cefb247474d391925413276ff7adb
openssh-askpass-3.9p1-11.el4_7.s390x.rpm
File outdated by:  RHEA-2010:0511
    MD5: 01bc38e43b7b8a989ede5b66f91a6c21
openssh-askpass-gnome-3.9p1-11.el4_7.s390x.rpm
File outdated by:  RHEA-2010:0511
    MD5: 125027a839c387328d5fa982529852e7
openssh-clients-3.9p1-11.el4_7.s390x.rpm
File outdated by:  RHEA-2010:0511
    MD5: 0676d2fe02d8c944e76b9485f36d9c8a
openssh-server-3.9p1-11.el4_7.s390x.rpm
File outdated by:  RHEA-2010:0511
    MD5: 4033374e14e64e2c0a1e79bb9e25c746
 
x86_64:
openssh-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8b1ad8f4b1fe14374a21125d611764cc
openssh-askpass-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 622b19c35678698a9603a97fd086d949
openssh-askpass-gnome-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 1968d276a2d706815823836e68255ecf
openssh-clients-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: daed1dac216199e66bf9931efe238775
openssh-server-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: d4075dbe534d6ec4c5deb56d26e83cf9
 
Red Hat Enterprise Linux AS (v. 4.5.z)

SRPMS:
openssh-3.9p1-10.RHEL4.20.src.rpm     MD5: 90acbb4ac1d221875b245bd510710a8f
 
IA-32:
openssh-3.9p1-10.RHEL4.20.i386.rpm     MD5: 8771c57236923ab78aee06b170522e79
openssh-askpass-3.9p1-10.RHEL4.20.i386.rpm     MD5: c4adbf61762339ed707a616e37d93a18
openssh-askpass-gnome-3.9p1-10.RHEL4.20.i386.rpm     MD5: 12bcdfa97bbadf66ce0c68f113cb14f3
openssh-clients-3.9p1-10.RHEL4.20.i386.rpm     MD5: bbb7aeee28e71eba8482a991fcb78c22
openssh-server-3.9p1-10.RHEL4.20.i386.rpm     MD5: 9ccea50d8435a15c4ed2c1a67f51ddaf
 
IA-64:
openssh-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 95ca17a63ef3cf223ca8eb8295b2a784
openssh-askpass-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 61c94dc386402c614a9823f1a8c02894
openssh-askpass-gnome-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 4c558d84fc7f2fa2ba693c732065cf34
openssh-clients-3.9p1-10.RHEL4.20.ia64.rpm     MD5: ee989f269ae87cb4db5ac05415764e9c
openssh-server-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 1b4bc6923f83acd35a397f07c7818ad6
 
PPC:
openssh-3.9p1-10.RHEL4.20.ppc.rpm     MD5: 71f729243c0a45fae9f66480a3e06420
openssh-askpass-3.9p1-10.RHEL4.20.ppc.rpm     MD5: ffd789ef66be0099d0cf4ff6f52f1fd4
openssh-askpass-gnome-3.9p1-10.RHEL4.20.ppc.rpm     MD5: 136d25e3fe14fb12d7bdb821bb5a9585
openssh-clients-3.9p1-10.RHEL4.20.ppc.rpm     MD5: 44dd13d17e3fa9a1c430f112ca2fe9c2
openssh-server-3.9p1-10.RHEL4.20.ppc.rpm     MD5: a18f6dbc4749cdb466df3ba520bd49d0
 
s390:
openssh-3.9p1-10.RHEL4.20.s390.rpm     MD5: bc14021c30b34afa79ca917328ebc2c2
openssh-askpass-3.9p1-10.RHEL4.20.s390.rpm     MD5: 5b6227309870e84f6158c9adc398c254
openssh-askpass-gnome-3.9p1-10.RHEL4.20.s390.rpm     MD5: 404f2b49892af3456627fbf6ba551d76
openssh-clients-3.9p1-10.RHEL4.20.s390.rpm     MD5: 4d3887bf38b1017f534ac0405716d72e
openssh-server-3.9p1-10.RHEL4.20.s390.rpm     MD5: 3ba159171cf28bbb273def9671d5bfa8
 
s390x:
openssh-3.9p1-10.RHEL4.20.s390x.rpm     MD5: 1ba5feb359ff0e2ffcabdc925275c4ce
openssh-askpass-3.9p1-10.RHEL4.20.s390x.rpm     MD5: 6e81efea41e82890b4a5793b251fb29b
openssh-askpass-gnome-3.9p1-10.RHEL4.20.s390x.rpm     MD5: 78ed6cef54cf40883db0b900751b39f8
openssh-clients-3.9p1-10.RHEL4.20.s390x.rpm     MD5: 5d2ff3ae9a36c38d7a2c98f1b259b354
openssh-server-3.9p1-10.RHEL4.20.s390x.rpm     MD5: 22a4cf17358c27b17027a59f1ceb3a3c
 
x86_64:
openssh-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: a6d33ef928776fd968316e1a261973de
openssh-askpass-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: cbe186f0649e041cf59ad756961839fc
openssh-askpass-gnome-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: f6de144683ac37b755ae3c71993cd517
openssh-clients-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: 7daa859c029ea67a8126cda891e1ef12
openssh-server-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: 4a6e73d35d94d59918daee95f4076bc9
 
Red Hat Enterprise Linux AS (v. 4.7.z)

SRPMS:
openssh-3.9p1-11.el4_7.src.rpm
File outdated by:  RHEA-2010:0511
    MD5: f304fb1e487ff288c58c8ba145522260
 
IA-32:
openssh-3.9p1-11.el4_7.i386.rpm     MD5: a3745b401b8bf799995f538664dc5410
openssh-askpass-3.9p1-11.el4_7.i386.rpm     MD5: 46a57c34b0622b707d43b7a6f6c7f78f
openssh-askpass-gnome-3.9p1-11.el4_7.i386.rpm     MD5: 2388390ef6e6de4cbd81a80b2113f83f
openssh-clients-3.9p1-11.el4_7.i386.rpm     MD5: 8a9be029b461791fa76ad5579b3a16a4
openssh-server-3.9p1-11.el4_7.i386.rpm     MD5: e56217ce16770762e3fa21774c1de76b
 
IA-64:
openssh-3.9p1-11.el4_7.ia64.rpm     MD5: bfadc08c479f7e3a472fc231de99f875
openssh-askpass-3.9p1-11.el4_7.ia64.rpm     MD5: 323b31dee9d7c3ed817849217e9230a2
openssh-askpass-gnome-3.9p1-11.el4_7.ia64.rpm     MD5: 8abf2ebb5cfc2077573664fda4878a07
openssh-clients-3.9p1-11.el4_7.ia64.rpm     MD5: 24d2df09a5c3424393e2f60d0dab21f7
openssh-server-3.9p1-11.el4_7.ia64.rpm     MD5: be71a22f9998075e52f807ac52b526ea
 
PPC:
openssh-3.9p1-11.el4_7.ppc.rpm     MD5: c2ff5d24d3f0a47874469234ca517ab9
openssh-askpass-3.9p1-11.el4_7.ppc.rpm     MD5: 0ff871ce740ddb80cdf306b6a851ae1a
openssh-askpass-gnome-3.9p1-11.el4_7.ppc.rpm     MD5: 9934ea584f4f971d97af25a570e871e8
openssh-clients-3.9p1-11.el4_7.ppc.rpm     MD5: 2478925b2528f7db51d4647cb520632e
openssh-server-3.9p1-11.el4_7.ppc.rpm     MD5: bb302cc799a56ec1775dd090791f6f4b
 
s390:
openssh-3.9p1-11.el4_7.s390.rpm     MD5: 4e816787e1de1205f892b4326c0765d0
openssh-askpass-3.9p1-11.el4_7.s390.rpm     MD5: bbdb4b69a87f767667b4c70786de6c1a
openssh-askpass-gnome-3.9p1-11.el4_7.s390.rpm     MD5: e8e413497ca2220c9187aef1fda652b7
openssh-clients-3.9p1-11.el4_7.s390.rpm     MD5: 01ff12db9ec3bc8106d988780ac1c481
openssh-server-3.9p1-11.el4_7.s390.rpm     MD5: f1e82aa9a506fbc4cb3562babf765dc3
 
s390x:
openssh-3.9p1-11.el4_7.s390x.rpm     MD5: 5d5cefb247474d391925413276ff7adb
openssh-askpass-3.9p1-11.el4_7.s390x.rpm     MD5: 01bc38e43b7b8a989ede5b66f91a6c21
openssh-askpass-gnome-3.9p1-11.el4_7.s390x.rpm     MD5: 125027a839c387328d5fa982529852e7
openssh-clients-3.9p1-11.el4_7.s390x.rpm     MD5: 0676d2fe02d8c944e76b9485f36d9c8a
openssh-server-3.9p1-11.el4_7.s390x.rpm     MD5: 4033374e14e64e2c0a1e79bb9e25c746
 
x86_64:
openssh-3.9p1-11.el4_7.x86_64.rpm     MD5: 8b1ad8f4b1fe14374a21125d611764cc
openssh-askpass-3.9p1-11.el4_7.x86_64.rpm     MD5: 622b19c35678698a9603a97fd086d949
openssh-askpass-gnome-3.9p1-11.el4_7.x86_64.rpm     MD5: 1968d276a2d706815823836e68255ecf
openssh-clients-3.9p1-11.el4_7.x86_64.rpm     MD5: daed1dac216199e66bf9931efe238775
openssh-server-3.9p1-11.el4_7.x86_64.rpm     MD5: d4075dbe534d6ec4c5deb56d26e83cf9
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
openssh-4.3p2-26.el5_2.1.src.rpm
File outdated by:  RHBA-2012:0237
    MD5: 61827881d43a6f3a5072de9638a7e4f8
 
IA-32:
openssh-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 85a5393d6aea46770d5c98f52df57f1b
openssh-askpass-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 8fdb0b9008283a439936a59841033bdf
openssh-clients-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 5dd2e639064a40c20d274325f074c68d
openssh-server-4.3p2-26.el5_2.1.i386.rpm
File outdated by:  RHBA-2012:0237
    MD5: 851e2daf6d1e05d55a9128ecb7669b8a
 
x86_64:
openssh-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 3ceed19221eb1ed06197567b59671777
openssh-askpass-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 1339ea81c34ef44df71415777ed22007
openssh-clients-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: 3fb6de8242dc79caa64bcf086fa853df
openssh-server-4.3p2-26.el5_2.1.x86_64.rpm
File outdated by:  RHBA-2012:0237
    MD5: b9492b17ea51e6a5faab054aa755e4a1
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
openssh-3.9p1-11.el4_7.src.rpm
File outdated by:  RHEA-2010:0511
    MD5: f304fb1e487ff288c58c8ba145522260
 
IA-32:
openssh-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: a3745b401b8bf799995f538664dc5410
openssh-askpass-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 46a57c34b0622b707d43b7a6f6c7f78f
openssh-askpass-gnome-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 2388390ef6e6de4cbd81a80b2113f83f
openssh-clients-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8a9be029b461791fa76ad5579b3a16a4
openssh-server-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: e56217ce16770762e3fa21774c1de76b
 
IA-64:
openssh-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: bfadc08c479f7e3a472fc231de99f875
openssh-askpass-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 323b31dee9d7c3ed817849217e9230a2
openssh-askpass-gnome-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8abf2ebb5cfc2077573664fda4878a07
openssh-clients-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 24d2df09a5c3424393e2f60d0dab21f7
openssh-server-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: be71a22f9998075e52f807ac52b526ea
 
x86_64:
openssh-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8b1ad8f4b1fe14374a21125d611764cc
openssh-askpass-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 622b19c35678698a9603a97fd086d949
openssh-askpass-gnome-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 1968d276a2d706815823836e68255ecf
openssh-clients-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: daed1dac216199e66bf9931efe238775
openssh-server-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: d4075dbe534d6ec4c5deb56d26e83cf9
 
Red Hat Enterprise Linux ES (v. 4.5.z)

SRPMS:
openssh-3.9p1-10.RHEL4.20.src.rpm     MD5: 90acbb4ac1d221875b245bd510710a8f
 
IA-32:
openssh-3.9p1-10.RHEL4.20.i386.rpm     MD5: 8771c57236923ab78aee06b170522e79
openssh-askpass-3.9p1-10.RHEL4.20.i386.rpm     MD5: c4adbf61762339ed707a616e37d93a18
openssh-askpass-gnome-3.9p1-10.RHEL4.20.i386.rpm     MD5: 12bcdfa97bbadf66ce0c68f113cb14f3
openssh-clients-3.9p1-10.RHEL4.20.i386.rpm     MD5: bbb7aeee28e71eba8482a991fcb78c22
openssh-server-3.9p1-10.RHEL4.20.i386.rpm     MD5: 9ccea50d8435a15c4ed2c1a67f51ddaf
 
IA-64:
openssh-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 95ca17a63ef3cf223ca8eb8295b2a784
openssh-askpass-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 61c94dc386402c614a9823f1a8c02894
openssh-askpass-gnome-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 4c558d84fc7f2fa2ba693c732065cf34
openssh-clients-3.9p1-10.RHEL4.20.ia64.rpm     MD5: ee989f269ae87cb4db5ac05415764e9c
openssh-server-3.9p1-10.RHEL4.20.ia64.rpm     MD5: 1b4bc6923f83acd35a397f07c7818ad6
 
x86_64:
openssh-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: a6d33ef928776fd968316e1a261973de
openssh-askpass-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: cbe186f0649e041cf59ad756961839fc
openssh-askpass-gnome-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: f6de144683ac37b755ae3c71993cd517
openssh-clients-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: 7daa859c029ea67a8126cda891e1ef12
openssh-server-3.9p1-10.RHEL4.20.x86_64.rpm     MD5: 4a6e73d35d94d59918daee95f4076bc9
 
Red Hat Enterprise Linux ES (v. 4.7.z)

SRPMS:
openssh-3.9p1-11.el4_7.src.rpm
File outdated by:  RHEA-2010:0511
    MD5: f304fb1e487ff288c58c8ba145522260
 
IA-32:
openssh-3.9p1-11.el4_7.i386.rpm     MD5: a3745b401b8bf799995f538664dc5410
openssh-askpass-3.9p1-11.el4_7.i386.rpm     MD5: 46a57c34b0622b707d43b7a6f6c7f78f
openssh-askpass-gnome-3.9p1-11.el4_7.i386.rpm     MD5: 2388390ef6e6de4cbd81a80b2113f83f
openssh-clients-3.9p1-11.el4_7.i386.rpm     MD5: 8a9be029b461791fa76ad5579b3a16a4
openssh-server-3.9p1-11.el4_7.i386.rpm     MD5: e56217ce16770762e3fa21774c1de76b
 
IA-64:
openssh-3.9p1-11.el4_7.ia64.rpm     MD5: bfadc08c479f7e3a472fc231de99f875
openssh-askpass-3.9p1-11.el4_7.ia64.rpm     MD5: 323b31dee9d7c3ed817849217e9230a2
openssh-askpass-gnome-3.9p1-11.el4_7.ia64.rpm     MD5: 8abf2ebb5cfc2077573664fda4878a07
openssh-clients-3.9p1-11.el4_7.ia64.rpm     MD5: 24d2df09a5c3424393e2f60d0dab21f7
openssh-server-3.9p1-11.el4_7.ia64.rpm     MD5: be71a22f9998075e52f807ac52b526ea
 
x86_64:
openssh-3.9p1-11.el4_7.x86_64.rpm     MD5: 8b1ad8f4b1fe14374a21125d611764cc
openssh-askpass-3.9p1-11.el4_7.x86_64.rpm     MD5: 622b19c35678698a9603a97fd086d949
openssh-askpass-gnome-3.9p1-11.el4_7.x86_64.rpm     MD5: 1968d276a2d706815823836e68255ecf
openssh-clients-3.9p1-11.el4_7.x86_64.rpm     MD5: daed1dac216199e66bf9931efe238775
openssh-server-3.9p1-11.el4_7.x86_64.rpm     MD5: d4075dbe534d6ec4c5deb56d26e83cf9
 
Red Hat Enterprise Linux EUS (v. 5.2.z server)

SRPMS:
openssh-4.3p2-26.el5_2.1.src.rpm
File outdated by:  RHBA-2012:0237
    MD5: 61827881d43a6f3a5072de9638a7e4f8
 
IA-32:
openssh-4.3p2-26.el5_2.1.i386.rpm     MD5: 85a5393d6aea46770d5c98f52df57f1b
openssh-askpass-4.3p2-26.el5_2.1.i386.rpm     MD5: 8fdb0b9008283a439936a59841033bdf
openssh-clients-4.3p2-26.el5_2.1.i386.rpm     MD5: 5dd2e639064a40c20d274325f074c68d
openssh-server-4.3p2-26.el5_2.1.i386.rpm     MD5: 851e2daf6d1e05d55a9128ecb7669b8a
 
IA-64:
openssh-4.3p2-26.el5_2.1.ia64.rpm     MD5: 39e09ad473f5b9d33d63434382d7fd11
openssh-askpass-4.3p2-26.el5_2.1.ia64.rpm     MD5: ba23caf23586057b159f684b9a840d46
openssh-clients-4.3p2-26.el5_2.1.ia64.rpm     MD5: e36e7cf756150d87e5dae6529139f708
openssh-server-4.3p2-26.el5_2.1.ia64.rpm     MD5: e1465beb1ff34f83ef4363785ae6fa8e
 
PPC:
openssh-4.3p2-26.el5_2.1.ppc.rpm     MD5: 74addaaa7e16369fbca0755751c8f8ec
openssh-askpass-4.3p2-26.el5_2.1.ppc.rpm     MD5: d98649e557f30b7a0ab8068707144606
openssh-clients-4.3p2-26.el5_2.1.ppc.rpm     MD5: 7a0990ce21eed0ef39d25dea1a74a23a
openssh-server-4.3p2-26.el5_2.1.ppc.rpm     MD5: 84d4187f9465ab3a0fb7953b15b356e5
 
s390x:
openssh-4.3p2-26.el5_2.1.s390x.rpm     MD5: 12b68257fc37784e744591d064d5c719
openssh-askpass-4.3p2-26.el5_2.1.s390x.rpm     MD5: 2278ac4619fe16785d2e6427efb34d87
openssh-clients-4.3p2-26.el5_2.1.s390x.rpm     MD5: 41e1b8e3256fa8e172d78f1be169926a
openssh-server-4.3p2-26.el5_2.1.s390x.rpm     MD5: d8a848791761b53803476c92f24aa96e
 
x86_64:
openssh-4.3p2-26.el5_2.1.x86_64.rpm     MD5: 3ceed19221eb1ed06197567b59671777
openssh-askpass-4.3p2-26.el5_2.1.x86_64.rpm     MD5: 1339ea81c34ef44df71415777ed22007
openssh-clients-4.3p2-26.el5_2.1.x86_64.rpm     MD5: 3fb6de8242dc79caa64bcf086fa853df
openssh-server-4.3p2-26.el5_2.1.x86_64.rpm     MD5: b9492b17ea51e6a5faab054aa755e4a1
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
openssh-3.9p1-11.el4_7.src.rpm
File outdated by:  RHEA-2010:0511
    MD5: f304fb1e487ff288c58c8ba145522260
 
IA-32:
openssh-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: a3745b401b8bf799995f538664dc5410
openssh-askpass-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 46a57c34b0622b707d43b7a6f6c7f78f
openssh-askpass-gnome-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 2388390ef6e6de4cbd81a80b2113f83f
openssh-clients-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8a9be029b461791fa76ad5579b3a16a4
openssh-server-3.9p1-11.el4_7.i386.rpm
File outdated by:  RHEA-2010:0511
    MD5: e56217ce16770762e3fa21774c1de76b
 
IA-64:
openssh-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: bfadc08c479f7e3a472fc231de99f875
openssh-askpass-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 323b31dee9d7c3ed817849217e9230a2
openssh-askpass-gnome-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8abf2ebb5cfc2077573664fda4878a07
openssh-clients-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 24d2df09a5c3424393e2f60d0dab21f7
openssh-server-3.9p1-11.el4_7.ia64.rpm
File outdated by:  RHEA-2010:0511
    MD5: be71a22f9998075e52f807ac52b526ea
 
x86_64:
openssh-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 8b1ad8f4b1fe14374a21125d611764cc
openssh-askpass-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 622b19c35678698a9603a97fd086d949
openssh-askpass-gnome-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: 1968d276a2d706815823836e68255ecf
openssh-clients-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: daed1dac216199e66bf9931efe238775
openssh-server-3.9p1-11.el4_7.x86_64.rpm
File outdated by:  RHEA-2010:0511
    MD5: d4075dbe534d6ec4c5deb56d26e83cf9
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

280361 - CVE-2007-4752 openssh falls back to the trusted x11 cookie if generation of an untrusted cookie fails


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/