Skip to navigation

Security Advisory Low: openssh security, bug fix, and enhancement update

Advisory: RHSA-2012:0884-4
Type: Security Advisory
Severity: Low
Issued on: 2012-06-20
Last updated on: 2012-06-20
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-5000

Details

Updated openssh packages that fix one security issue, several bugs, and add
various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These
packages include the core files necessary for the OpenSSH client and
server.

A denial of service flaw was found in the OpenSSH GSSAPI authentication
implementation. A remote, authenticated user could use this flaw to make
the OpenSSH server daemon (sshd) use an excessive amount of memory, leading
to a denial of service. GSSAPI authentication is enabled by default
("GSSAPIAuthentication yes" in "/etc/ssh/sshd_config"). (CVE-2011-5000)

These updated openssh packages also provide fixes for the following bugs:

* SSH X11 forwarding failed if IPv6 was enabled and the parameter
X11UseLocalhost was set to "no". Consequently, users could not set X
forwarding. This update fixes sshd and ssh to correctly bind the port for
the IPv6 protocol. As a result, X11 forwarding now works as expected with
IPv6. (BZ#732955)

* The sshd daemon was killed by the OOM killer when running a stress test.
Consequently, a user could not log in. With this update, the sshd daemon
sets its oom_adj value to -17. As a result, sshd is not chosen by OOM
killer and users are able to log in to solve problems with memory.
(BZ#744236)

* If the SSH server is configured with a banner that contains a backslash
character, then the client will escape it with another "\" character, so it
prints double backslashes. An upstream patch has been applied to correct
the problem and the SSH banner is now correctly displayed. (BZ#809619)

In addition, these updated openssh packages provide the following
enhancements:

* Previously, SSH allowed multiple ways of authentication of which only one
was required for a successful login. SSH can now be set up to require
multiple ways of authentication. For example, logging in to an SSH-enabled
machine requires both a passphrase and a public key to be entered. The
RequiredAuthentications1 and RequiredAuthentications2 options can be
configured in the /etc/ssh/sshd_config file to specify authentications that
are required for a successful login. For example, to set key and password
authentication for SSH version 2, type:

echo "RequiredAuthentications2 publickey,password" >> /etc/ssh/sshd_config

For more information on the aforementioned /etc/ssh/sshd_config options,
refer to the sshd_config man page. (BZ#657378)

* Previously, OpenSSH could use the Advanced Encryption Standard New
Instructions (AES-NI) instruction set only with the AES Cipher-block
chaining (CBC) cipher. This update adds support for Counter (CTR) mode
encryption in OpenSSH so the AES-NI instruction set can now be used
efficiently also with the AES CTR cipher. (BZ#756929)

* Prior to this update, an unprivileged slave sshd process was run as
the sshd_t context during privilege separation (privsep). sshd_t is the
SELinux context used for running the sshd daemon. Given that the
unprivileged slave process is run under the user's UID, it is fitting to
run this process under the user's SELinux context instead of the privileged
sshd_t context. With this update, the unprivileged slave process is now run
as the user's context instead of the sshd_t context in accordance with the
principle of privilege separation. The unprivileged process, which might be
potentially more sensitive to security threats, is now run under the user's
SELinux context. (BZ#798241)

Users are advised to upgrade to these updated openssh packages, which
contain backported patches to resolve these issues and add these
enhancements. After installing this update, the OpenSSH server daemon
(sshd) will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
openssh-5.3p1-81.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: b07f59bf51e0069d30a25fffc6e3d618
SHA-256: f50583ceaf29d3cafc4c6f52adc43fb75c0aa9d81c7a730a632df1238c27d88b
 
IA-32:
openssh-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 5e5f8dc6a44b05a1fc3832f565affddc
SHA-256: 00364fae94375c8d61767258e9d0ede09ffbd35726a361e8f31240c234662908
openssh-askpass-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 57590a4e4565af08e20069b9727c55c8
SHA-256: 2ff4d91f02efe9ef0cfe8fc9535211b16c85ce038d964b254a2dadf186260d03
openssh-clients-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 3e5c5bfccc735f5f08078569d7e7429c
SHA-256: c94f4292cefd5e7efef7de3c47a215bd3197d2e828991a7d050e229e6f7f8a74
openssh-debuginfo-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 98da2a97305cd4fe36b548b852226304
SHA-256: a7fe5756b24e1f4c779d10044b518d1673b9b1db61f1bbae775321f0860b1534
openssh-ldap-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: f7ac7095201809efb46f2430901d034c
SHA-256: dba91daf80d3b5b810223bbc28a671616f08d7f58d850c472b31e3d5889fbbed
openssh-server-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 295b3cc6a4d7fdd84413dc9fd6509ef7
SHA-256: 9e7db5f6b67967fac88fe4bd00a942aa3a7ede4609afb8d1f169d779cf7271ca
pam_ssh_agent_auth-0.9-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 306a7e2f91b567f9c0476b24fc3b863e
SHA-256: 1624e3e978e712ff93d90d3c7b0e986ab000c898d95337923078fe785b86e3b2
 
x86_64:
openssh-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 60a565f7c168261efc3483602b371a25
SHA-256: 7a4694ec8cad3ed4ddb8cf6ca04202583757c95f978deb06822c4f5b55be375b
openssh-askpass-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e77941cc5f03eb9cf6b2c99aadaf1a65
SHA-256: e84b7b795f9795f32ded187aae1840456120b843602b2cef9292f8ce346c2466
openssh-clients-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6581fd5234807ccb50e5085f16290127
SHA-256: 7e9fdef71f30b0e50fca1a7f22c082c8e0c02cfa1ee6d9b9945c542d8f595635
openssh-debuginfo-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 98da2a97305cd4fe36b548b852226304
SHA-256: a7fe5756b24e1f4c779d10044b518d1673b9b1db61f1bbae775321f0860b1534
openssh-debuginfo-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 8ab773a82737c78aab49fb8ee6c69d8b
SHA-256: 156f5db9af87ef9a2cfd742c5d7af79efd8ccca9671da97ca4c66aa1acbffe7a
openssh-ldap-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: d003cbec945073fccb60f175ce3d3fa1
SHA-256: 5a11eccf578745e58d4ee1d7358afb4666213d80f48ca8abf749b4625daf9427
openssh-server-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 94a896bceb0a93fd4e859293d09f24cf
SHA-256: c2d139ee0565a0f55d3951ab7f7cbaa7b97db8143f9f79c6cf4a9b4a5e56f900
pam_ssh_agent_auth-0.9-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 306a7e2f91b567f9c0476b24fc3b863e
SHA-256: 1624e3e978e712ff93d90d3c7b0e986ab000c898d95337923078fe785b86e3b2
pam_ssh_agent_auth-0.9-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e7e3d31c832f43e6e842274dd989ed8b
SHA-256: 0d3eae91db9f4d0fc225a2dd85e7d4fcf0eeea535297de16fea59d757baedf33
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
openssh-5.3p1-81.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: b07f59bf51e0069d30a25fffc6e3d618
SHA-256: f50583ceaf29d3cafc4c6f52adc43fb75c0aa9d81c7a730a632df1238c27d88b
 
x86_64:
openssh-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 60a565f7c168261efc3483602b371a25
SHA-256: 7a4694ec8cad3ed4ddb8cf6ca04202583757c95f978deb06822c4f5b55be375b
openssh-askpass-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e77941cc5f03eb9cf6b2c99aadaf1a65
SHA-256: e84b7b795f9795f32ded187aae1840456120b843602b2cef9292f8ce346c2466
openssh-clients-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6581fd5234807ccb50e5085f16290127
SHA-256: 7e9fdef71f30b0e50fca1a7f22c082c8e0c02cfa1ee6d9b9945c542d8f595635
openssh-debuginfo-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 98da2a97305cd4fe36b548b852226304
SHA-256: a7fe5756b24e1f4c779d10044b518d1673b9b1db61f1bbae775321f0860b1534
openssh-debuginfo-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 8ab773a82737c78aab49fb8ee6c69d8b
SHA-256: 156f5db9af87ef9a2cfd742c5d7af79efd8ccca9671da97ca4c66aa1acbffe7a
openssh-ldap-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: d003cbec945073fccb60f175ce3d3fa1
SHA-256: 5a11eccf578745e58d4ee1d7358afb4666213d80f48ca8abf749b4625daf9427
openssh-server-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 94a896bceb0a93fd4e859293d09f24cf
SHA-256: c2d139ee0565a0f55d3951ab7f7cbaa7b97db8143f9f79c6cf4a9b4a5e56f900
pam_ssh_agent_auth-0.9-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 306a7e2f91b567f9c0476b24fc3b863e
SHA-256: 1624e3e978e712ff93d90d3c7b0e986ab000c898d95337923078fe785b86e3b2
pam_ssh_agent_auth-0.9-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e7e3d31c832f43e6e842274dd989ed8b
SHA-256: 0d3eae91db9f4d0fc225a2dd85e7d4fcf0eeea535297de16fea59d757baedf33
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
openssh-5.3p1-81.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: b07f59bf51e0069d30a25fffc6e3d618
SHA-256: f50583ceaf29d3cafc4c6f52adc43fb75c0aa9d81c7a730a632df1238c27d88b
 
IA-32:
openssh-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 5e5f8dc6a44b05a1fc3832f565affddc
SHA-256: 00364fae94375c8d61767258e9d0ede09ffbd35726a361e8f31240c234662908
openssh-askpass-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 57590a4e4565af08e20069b9727c55c8
SHA-256: 2ff4d91f02efe9ef0cfe8fc9535211b16c85ce038d964b254a2dadf186260d03
openssh-clients-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 3e5c5bfccc735f5f08078569d7e7429c
SHA-256: c94f4292cefd5e7efef7de3c47a215bd3197d2e828991a7d050e229e6f7f8a74
openssh-debuginfo-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 98da2a97305cd4fe36b548b852226304
SHA-256: a7fe5756b24e1f4c779d10044b518d1673b9b1db61f1bbae775321f0860b1534
openssh-ldap-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: f7ac7095201809efb46f2430901d034c
SHA-256: dba91daf80d3b5b810223bbc28a671616f08d7f58d850c472b31e3d5889fbbed
openssh-server-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 295b3cc6a4d7fdd84413dc9fd6509ef7
SHA-256: 9e7db5f6b67967fac88fe4bd00a942aa3a7ede4609afb8d1f169d779cf7271ca
pam_ssh_agent_auth-0.9-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 306a7e2f91b567f9c0476b24fc3b863e
SHA-256: 1624e3e978e712ff93d90d3c7b0e986ab000c898d95337923078fe785b86e3b2
 
PPC:
openssh-5.3p1-81.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 777b046a6710f47d18a94d4547c2c244
SHA-256: a104f6c05d2aab1964978ba87067349552475d8d9c7ec89a971f4642de43db18
openssh-askpass-5.3p1-81.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 197d465fd7f5770b2ad83f4724dc6ff2
SHA-256: ecdf13562b407de1be1ca6114465b1ee2e98e0efc79efdd013d2d890ded5e253
openssh-clients-5.3p1-81.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e60cfe0a6e8bbf914d8f9174a0596c80
SHA-256: 3bae517d684d9ce9bc250d62f2473c175ab93c29505658ae583542db67087c7e
openssh-debuginfo-5.3p1-81.el6.ppc.rpm
File outdated by:  RHSA-2013:1591
    MD5: efe5c806b4b539b8db438e91519925a0
SHA-256: d3728b34949f5ad976334c385343573928fa233fde3fa2e8a71c7121c98cfc69
openssh-debuginfo-5.3p1-81.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 5eaa5d27c6f4dd1337c6d2bfd2c8ad5e
SHA-256: 2d9128818fb9444e26addfe7cecc9bb9d730ce511b72df577bb299bdd21c9ce2
openssh-ldap-5.3p1-81.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 66556dddb0d4c8bf68157690f8969a3d
SHA-256: 540dcdf9253a2faf16c3aa119bbeee7ee00310d07cd7bb8542e9b6cba912630e
openssh-server-5.3p1-81.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: de0258e45efcdb570652d60f8fbb77f5
SHA-256: b7cd24efe92e9dee44fcaae9eb6cb35c459ee5751e7348726166b2b8cf2b9854
pam_ssh_agent_auth-0.9-81.el6.ppc.rpm
File outdated by:  RHSA-2013:1591
    MD5: 074acef188d5a62b9956957d1c27d85e
SHA-256: 85b93c6e239935e1dede3a7e8da9f556d6541e1383f65c5f1bb2f50f4307a5bf
pam_ssh_agent_auth-0.9-81.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 84890bc7e87d628563578896a8635665
SHA-256: fab590b2d757cdf5473b04e926e07b15c2161f8ed1987c88544a9afb81809a17
 
s390x:
openssh-5.3p1-81.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: ef74dfd46680ee7d3cf1f71fd5fbafc1
SHA-256: 2492f9b24308d09121528b9fc25e907e1fd52bc9494020a4bcf48cbaa3f715b7
openssh-askpass-5.3p1-81.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: 011816414d70658b963601140cb03116
SHA-256: 019b3610121c8f98941c893ec9f9135dd8340a0b8f2f847c297b971c6eabc4c9
openssh-clients-5.3p1-81.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: a6f7adb188acff5d3026c9bf993786a8
SHA-256: e46ce714c1a7e4f001108f08d4debd06c46811ea7cbbf40cc967ee471116eb1f
openssh-debuginfo-5.3p1-81.el6.s390.rpm
File outdated by:  RHSA-2013:1591
    MD5: 3baa9c60830f7598112eba014e0dbe04
SHA-256: 412b7b0076d2ad69e991e35c983a84238a7f85af6190ef0fa11ad01fde0d17ac
openssh-debuginfo-5.3p1-81.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: b7167eaa2c2407a3eb25d0bf1727f614
SHA-256: cf448d6fb2fce3781991d36d8679ca986ef067dd1089a818c76468cf1f775f36
openssh-ldap-5.3p1-81.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: cdd3f87140363979cbbfa6946f81bdf8
SHA-256: 7727ff0a4807f96e300c6aa81bfe3ef47e783b173c591098818b18af85a677fc
openssh-server-5.3p1-81.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: e90234e3132cd6cc3e8cc0bc4a530f06
SHA-256: b52d6ebecc628910be3206fa20f8eb9008b5bb657508e3b873a7114a8e931193
pam_ssh_agent_auth-0.9-81.el6.s390.rpm
File outdated by:  RHSA-2013:1591
    MD5: c8b629b61c9a6be86bc4ef775b1ca7c4
SHA-256: fa8a36776839b6b412479494ccda22060910c07d5f357741730cf8b7aa531087
pam_ssh_agent_auth-0.9-81.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: f073217004374b0c807f8b4c05743420
SHA-256: e7ddb1270813a60b606c07039954d29527b9f8c5b76828e4b40d1844b8c95e5d
 
x86_64:
openssh-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 60a565f7c168261efc3483602b371a25
SHA-256: 7a4694ec8cad3ed4ddb8cf6ca04202583757c95f978deb06822c4f5b55be375b
openssh-askpass-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e77941cc5f03eb9cf6b2c99aadaf1a65
SHA-256: e84b7b795f9795f32ded187aae1840456120b843602b2cef9292f8ce346c2466
openssh-clients-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6581fd5234807ccb50e5085f16290127
SHA-256: 7e9fdef71f30b0e50fca1a7f22c082c8e0c02cfa1ee6d9b9945c542d8f595635
openssh-debuginfo-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 98da2a97305cd4fe36b548b852226304
SHA-256: a7fe5756b24e1f4c779d10044b518d1673b9b1db61f1bbae775321f0860b1534
openssh-debuginfo-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 8ab773a82737c78aab49fb8ee6c69d8b
SHA-256: 156f5db9af87ef9a2cfd742c5d7af79efd8ccca9671da97ca4c66aa1acbffe7a
openssh-ldap-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: d003cbec945073fccb60f175ce3d3fa1
SHA-256: 5a11eccf578745e58d4ee1d7358afb4666213d80f48ca8abf749b4625daf9427
openssh-server-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 94a896bceb0a93fd4e859293d09f24cf
SHA-256: c2d139ee0565a0f55d3951ab7f7cbaa7b97db8143f9f79c6cf4a9b4a5e56f900
pam_ssh_agent_auth-0.9-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 306a7e2f91b567f9c0476b24fc3b863e
SHA-256: 1624e3e978e712ff93d90d3c7b0e986ab000c898d95337923078fe785b86e3b2
pam_ssh_agent_auth-0.9-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e7e3d31c832f43e6e842274dd989ed8b
SHA-256: 0d3eae91db9f4d0fc225a2dd85e7d4fcf0eeea535297de16fea59d757baedf33
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
openssh-5.3p1-81.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: b07f59bf51e0069d30a25fffc6e3d618
SHA-256: f50583ceaf29d3cafc4c6f52adc43fb75c0aa9d81c7a730a632df1238c27d88b
 
IA-32:
openssh-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 5e5f8dc6a44b05a1fc3832f565affddc
SHA-256: 00364fae94375c8d61767258e9d0ede09ffbd35726a361e8f31240c234662908
openssh-askpass-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 57590a4e4565af08e20069b9727c55c8
SHA-256: 2ff4d91f02efe9ef0cfe8fc9535211b16c85ce038d964b254a2dadf186260d03
openssh-clients-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 3e5c5bfccc735f5f08078569d7e7429c
SHA-256: c94f4292cefd5e7efef7de3c47a215bd3197d2e828991a7d050e229e6f7f8a74
openssh-debuginfo-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 98da2a97305cd4fe36b548b852226304
SHA-256: a7fe5756b24e1f4c779d10044b518d1673b9b1db61f1bbae775321f0860b1534
openssh-ldap-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: f7ac7095201809efb46f2430901d034c
SHA-256: dba91daf80d3b5b810223bbc28a671616f08d7f58d850c472b31e3d5889fbbed
openssh-server-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 295b3cc6a4d7fdd84413dc9fd6509ef7
SHA-256: 9e7db5f6b67967fac88fe4bd00a942aa3a7ede4609afb8d1f169d779cf7271ca
pam_ssh_agent_auth-0.9-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 306a7e2f91b567f9c0476b24fc3b863e
SHA-256: 1624e3e978e712ff93d90d3c7b0e986ab000c898d95337923078fe785b86e3b2
 
x86_64:
openssh-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 60a565f7c168261efc3483602b371a25
SHA-256: 7a4694ec8cad3ed4ddb8cf6ca04202583757c95f978deb06822c4f5b55be375b
openssh-askpass-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e77941cc5f03eb9cf6b2c99aadaf1a65
SHA-256: e84b7b795f9795f32ded187aae1840456120b843602b2cef9292f8ce346c2466
openssh-clients-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6581fd5234807ccb50e5085f16290127
SHA-256: 7e9fdef71f30b0e50fca1a7f22c082c8e0c02cfa1ee6d9b9945c542d8f595635
openssh-debuginfo-5.3p1-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 98da2a97305cd4fe36b548b852226304
SHA-256: a7fe5756b24e1f4c779d10044b518d1673b9b1db61f1bbae775321f0860b1534
openssh-debuginfo-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 8ab773a82737c78aab49fb8ee6c69d8b
SHA-256: 156f5db9af87ef9a2cfd742c5d7af79efd8ccca9671da97ca4c66aa1acbffe7a
openssh-ldap-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: d003cbec945073fccb60f175ce3d3fa1
SHA-256: 5a11eccf578745e58d4ee1d7358afb4666213d80f48ca8abf749b4625daf9427
openssh-server-5.3p1-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 94a896bceb0a93fd4e859293d09f24cf
SHA-256: c2d139ee0565a0f55d3951ab7f7cbaa7b97db8143f9f79c6cf4a9b4a5e56f900
pam_ssh_agent_auth-0.9-81.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 306a7e2f91b567f9c0476b24fc3b863e
SHA-256: 1624e3e978e712ff93d90d3c7b0e986ab000c898d95337923078fe785b86e3b2
pam_ssh_agent_auth-0.9-81.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: e7e3d31c832f43e6e842274dd989ed8b
SHA-256: 0d3eae91db9f4d0fc225a2dd85e7d4fcf0eeea535297de16fea59d757baedf33
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

657378 - [RFE] ability to require password and public-key for login
732955 - X11 forwarding fails, if IPv6 is enabled and X11UseLocalhost=no
797384 - Init scripts tries to read missing file
809938 - CVE-2011-5000 openssh: post-authentication resource exhaustion bug via GSSAPI


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/