Skip to navigation

Security Advisory Moderate: openssh security, bug fix and enhancement update

Advisory: RHSA-2013:0519-2
Type: Security Advisory
Severity: Moderate
Issued on: 2013-02-21
Last updated on: 2013-02-21
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-5536

Details

Updated openssh packages that fix one security issue, multiple bugs, and
add various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These
packages include the core files necessary for the OpenSSH client and
server.

Due to the way the pam_ssh_agent_auth PAM module was built in Red Hat
Enterprise Linux 6, the glibc's error() function was called rather than the
intended error() function in pam_ssh_agent_auth to report errors. As these
two functions expect different arguments, it was possible for an attacker
to cause an application using pam_ssh_agent_auth to crash, disclose
portions of its memory or, potentially, execute arbitrary code.
(CVE-2012-5536)

Note that the pam_ssh_agent_auth module is not used in Red Hat Enterprise
Linux 6 by default.

This update also fixes the following bugs:

* All possible options for the new RequiredAuthentications directive were
not documented in the sshd_config man page. This update improves the man
page to document all the possible options. (BZ#821641)

* When stopping one instance of the SSH daemon (sshd), the sshd init script
(/etc/rc.d/init.d/sshd) stopped all sshd processes regardless of the PID of
the processes. This update improves the init script so that it only kills
processes with the relevant PID. As a result, the init script now works
more reliably in a multi-instance environment. (BZ#826720)

* Due to a regression, the ssh-copy-id command returned an exit status code
of zero even if there was an error in copying the key to a remote host.
With this update, a patch has been applied and ssh-copy-id now returns a
non-zero exit code if there is an error in copying the SSH certificate to a
remote host. (BZ#836650)

* When SELinux was disabled on the system, no on-disk policy was installed,
a user account was used for a connection, and no "~/.ssh" configuration was
present in that user's home directory, the SSH client terminated
unexpectedly with a segmentation fault when attempting to connect to
another system. A patch has been provided to address this issue and the
crashes no longer occur in the described scenario. (BZ#836655)

* The "HOWTO" document /usr/share/doc/openssh-ldap-5.3p1/HOWTO.ldap-keys
incorrectly documented the use of the AuthorizedKeysCommand directive.
This update corrects the document. (BZ#857760)

This update also adds the following enhancements:

* When attempting to enable SSH for use with a Common Access Card (CAC),
the ssh-agent utility read all the certificates in the card even though
only the ID certificate was needed. Consequently, if a user entered their
PIN incorrectly, then the CAC was locked, as a match for the PIN was
attempted against all three certificates. With this update, ssh-add does
not try the same PIN for every certificate if the PIN fails for the first
one. As a result, the CAC will not be disabled if a user enters their PIN
incorrectly. (BZ#782912)

* This update adds a "netcat mode" to SSH. The "ssh -W host:port ..."
command connects standard input and output (stdio) on a client to a single
port on a server. As a result, SSH can be used to route connections via
intermediate servers. (BZ#860809)

* Due to a bug, arguments for the RequiredAuthentications2 directive were
not stored in a Match block. Consequently, parsing of the config file was
not in accordance with the man sshd_config documentation. This update fixes
the bug and users can now use the required authentication feature to
specify a list of authentication methods as expected according to the man
page. (BZ#869903)

All users of openssh are advised to upgrade to these updated packages,
which fix these issues and add these enhancements. After installing this
update, the OpenSSH server daemon (sshd) will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
openssh-5.3p1-84.1.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: 0f7c6676e32b0437920170c02409f0b2
SHA-256: d943c2596e8cb2ad094615b5a69205320812b61887debe07a57b4bf26a237b30
 
IA-32:
openssh-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 09054f4f684eeb1f2489d667b658b0b5
SHA-256: e7528ca490d2550b49ea1889acd943522967f193abc8aaffd500d9c1d29fd4dd
openssh-askpass-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 715b63cf12020ef857237fc2770e916a
SHA-256: 0c40d87e52cbcb81dfbd730371bedb0b59f8e30dc3aa1e7bebe578f3d86272d4
openssh-clients-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: ef39e03b1821694912f19447a823268c
SHA-256: 2f56f48ec140596c58346b2a0453ea01cb54a8c1c536c3d33e77bf81d669f0a2
openssh-debuginfo-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 341fd0846b5c0e2f380af45e276b1e59
SHA-256: b13d9dc849c942d55948a409b3da837315c9c1cfd3092a218690f19c81dbd3e5
openssh-ldap-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: c3276e195e0db791ed31921ffb66dac8
SHA-256: a24e811d18e45b7f42248d1f64b64112a3f39ee17d05fe9682c80204a229687b
openssh-server-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 708aa6ce72735e2762435226e442005b
SHA-256: 0341b5af8e3a2bc3c9a42d6a73f4e7f2d31ceccb4a65f1de395b08daf10f6f36
pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: e0be34995d3a77e619c07a5edb49cb20
SHA-256: c006402d0c7758c6e83a96d59837562b1dc13aad681ccb4517ad57eeab3ebb6c
 
x86_64:
openssh-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 33403c8e1ec809a50b3c94677c30a975
SHA-256: 400608b957c53a348fd05acf7be56b24ddbef0f49aebed30c8c9fa46a978b905
openssh-askpass-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 58ac116c6482590b9f187d7bada44041
SHA-256: ac9fb82c1b3e5c3bd41c555e7ad7812c69b52a1df93a401b0f25d08a564750f5
openssh-clients-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 53694ab12b0132ed7fa756bd01a56950
SHA-256: aa903886a2a04a27774ee6a420f36b39650d72144e165765b9c0c801ec11d5e2
openssh-debuginfo-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 341fd0846b5c0e2f380af45e276b1e59
SHA-256: b13d9dc849c942d55948a409b3da837315c9c1cfd3092a218690f19c81dbd3e5
openssh-debuginfo-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 618b0a16c1d33a518e9c5f046d3594d5
SHA-256: df6c8dd25d582a21679e5a5e0c059fa680077d67c1bf65642f04f4ea3f9a056d
openssh-ldap-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 4edd593d13c3fa8f8461f7cfee15cc60
SHA-256: 3f3780b0e403062a84c67b4023c08adc9d59854d9a9584fb1bcd4b22c605a24c
openssh-server-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6d9077733514d121848dfa7d235bb49e
SHA-256: 8b9c5f3840abb97b5b2b831d08005ab35be6309614c9c6b3185d65424a758bc0
pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: e0be34995d3a77e619c07a5edb49cb20
SHA-256: c006402d0c7758c6e83a96d59837562b1dc13aad681ccb4517ad57eeab3ebb6c
pam_ssh_agent_auth-0.9.3-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: be3258d323291b5b9d76eba8d1fc03a8
SHA-256: 3fe861d4c4c3e6ed8047c00f4839f2a58123a7ed2ada7454b16e501fffa6827a
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
openssh-5.3p1-84.1.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: 0f7c6676e32b0437920170c02409f0b2
SHA-256: d943c2596e8cb2ad094615b5a69205320812b61887debe07a57b4bf26a237b30
 
x86_64:
openssh-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 33403c8e1ec809a50b3c94677c30a975
SHA-256: 400608b957c53a348fd05acf7be56b24ddbef0f49aebed30c8c9fa46a978b905
openssh-askpass-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 58ac116c6482590b9f187d7bada44041
SHA-256: ac9fb82c1b3e5c3bd41c555e7ad7812c69b52a1df93a401b0f25d08a564750f5
openssh-clients-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 53694ab12b0132ed7fa756bd01a56950
SHA-256: aa903886a2a04a27774ee6a420f36b39650d72144e165765b9c0c801ec11d5e2
openssh-debuginfo-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 341fd0846b5c0e2f380af45e276b1e59
SHA-256: b13d9dc849c942d55948a409b3da837315c9c1cfd3092a218690f19c81dbd3e5
openssh-debuginfo-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 618b0a16c1d33a518e9c5f046d3594d5
SHA-256: df6c8dd25d582a21679e5a5e0c059fa680077d67c1bf65642f04f4ea3f9a056d
openssh-ldap-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 4edd593d13c3fa8f8461f7cfee15cc60
SHA-256: 3f3780b0e403062a84c67b4023c08adc9d59854d9a9584fb1bcd4b22c605a24c
openssh-server-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6d9077733514d121848dfa7d235bb49e
SHA-256: 8b9c5f3840abb97b5b2b831d08005ab35be6309614c9c6b3185d65424a758bc0
pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: e0be34995d3a77e619c07a5edb49cb20
SHA-256: c006402d0c7758c6e83a96d59837562b1dc13aad681ccb4517ad57eeab3ebb6c
pam_ssh_agent_auth-0.9.3-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: be3258d323291b5b9d76eba8d1fc03a8
SHA-256: 3fe861d4c4c3e6ed8047c00f4839f2a58123a7ed2ada7454b16e501fffa6827a
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
openssh-5.3p1-84.1.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: 0f7c6676e32b0437920170c02409f0b2
SHA-256: d943c2596e8cb2ad094615b5a69205320812b61887debe07a57b4bf26a237b30
 
IA-32:
openssh-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 09054f4f684eeb1f2489d667b658b0b5
SHA-256: e7528ca490d2550b49ea1889acd943522967f193abc8aaffd500d9c1d29fd4dd
openssh-askpass-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 715b63cf12020ef857237fc2770e916a
SHA-256: 0c40d87e52cbcb81dfbd730371bedb0b59f8e30dc3aa1e7bebe578f3d86272d4
openssh-clients-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: ef39e03b1821694912f19447a823268c
SHA-256: 2f56f48ec140596c58346b2a0453ea01cb54a8c1c536c3d33e77bf81d669f0a2
openssh-debuginfo-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 341fd0846b5c0e2f380af45e276b1e59
SHA-256: b13d9dc849c942d55948a409b3da837315c9c1cfd3092a218690f19c81dbd3e5
openssh-ldap-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: c3276e195e0db791ed31921ffb66dac8
SHA-256: a24e811d18e45b7f42248d1f64b64112a3f39ee17d05fe9682c80204a229687b
openssh-server-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 708aa6ce72735e2762435226e442005b
SHA-256: 0341b5af8e3a2bc3c9a42d6a73f4e7f2d31ceccb4a65f1de395b08daf10f6f36
pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: e0be34995d3a77e619c07a5edb49cb20
SHA-256: c006402d0c7758c6e83a96d59837562b1dc13aad681ccb4517ad57eeab3ebb6c
 
PPC:
openssh-5.3p1-84.1.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 1e3b22cc44a98fcf0a9722c786d97a42
SHA-256: 15555a1dd744dbadf058f6f6f42533739839ae5e18a80849a33e056effcfc805
openssh-askpass-5.3p1-84.1.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: b8e5f3e1c796d2e4f41ec1a8a60a1269
SHA-256: 25cd9497e66535934ba7b9cf945a1f7312b4144997651ba3dde4f7474e8588e7
openssh-clients-5.3p1-84.1.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 59fec91892ac7c4bd0e6a937973eb654
SHA-256: 8f336377c7aed19137e56d6df950d55a8fe6340cd2694c5b9c4cf65277143d7e
openssh-debuginfo-5.3p1-84.1.el6.ppc.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6a8e385242d7ef80abd988d5ac1d6a03
SHA-256: 37ccbd38a7976a6034ba3d2a19270c86fbc46b2da675fbb80419163e0b935633
openssh-debuginfo-5.3p1-84.1.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 8edbd83286acabdeb02f25c46fd668bf
SHA-256: a9ad54b0f8f3d7cd1b5bbb962986d958a2fb051bc87d3870ba931aee03edda92
openssh-ldap-5.3p1-84.1.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 08d5f837ceafad8c82852e45d0312ac4
SHA-256: e219eb98e8f939af8ae70858b807e1fbe444933093b87edb81b62aed241b0eb9
openssh-server-5.3p1-84.1.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 85f0da69a7d8f9b7395207c7213310a0
SHA-256: 4b1a5cb93fc806aeb3def75fc608fc8fbf8ce5c412d3d915da8ba9cadc340ec2
pam_ssh_agent_auth-0.9.3-84.1.el6.ppc.rpm
File outdated by:  RHSA-2013:1591
    MD5: 50783a91eb4b766f3d202b7f39e07e4b
SHA-256: b8430de3a6a2653ca8603226c1327a5e4ab8086cf38a9d9ae7cb4fb79bf528f9
pam_ssh_agent_auth-0.9.3-84.1.el6.ppc64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 282aed18bf5967703b81ebf23e32755b
SHA-256: 5e2d5016ec8f3883a2ed46fbef1a3bd054f960ae40f640a72f2034c7d373b9e4
 
s390x:
openssh-5.3p1-84.1.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6e585e2a8e61f1d3bb9c596f3f98b781
SHA-256: 09da386b1328301e51e2ee9bfc8ebebd0b6aafcc3025f97d6014ff11f835c7a9
openssh-askpass-5.3p1-84.1.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: 8746bd74c4c32cefaa3ad6e12e374644
SHA-256: 3a51180d5935f2c9a20bb7792fe12c1cbb312e64af43d9db1cd38a7a2c86a95d
openssh-clients-5.3p1-84.1.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: b9acbf3ba451fcd746dcf3dd2e65f729
SHA-256: fbd2e558c845dbe4b47bdc592b2a6b3df77409c0b87b04326dce81e7991b5e00
openssh-debuginfo-5.3p1-84.1.el6.s390.rpm
File outdated by:  RHSA-2013:1591
    MD5: a98516162b4edf23336d968ea0d8500f
SHA-256: c994e13dd30fc2f79cf8e6f592a714bbf0706717f7346990e614848fa4e199fb
openssh-debuginfo-5.3p1-84.1.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: c9323dba67ae6016bbf8ce7fe28aa403
SHA-256: 42c1913a71249525b27848238cc38bf458c8375715f226ca88af96451927a626
openssh-ldap-5.3p1-84.1.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: 12f07f5a0b965772590077f6e795aaaf
SHA-256: fe29b1dc2408e62d846a63c0315ef4130b3cf6dc2e3d93ab865b8e4bb94d4762
openssh-server-5.3p1-84.1.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: fe3121c9af2622e17142b148e1ca906c
SHA-256: 2365e23035c6424aac19146206e5bfbaf0f48906a70d4613b9b872df3d20a082
pam_ssh_agent_auth-0.9.3-84.1.el6.s390.rpm
File outdated by:  RHSA-2013:1591
    MD5: bd905ffe8b570c26d045adda3fb374a0
SHA-256: 6fae7bd5564999e8683fd8ec570ba5cd39c6e12535df4c290411441faec24d50
pam_ssh_agent_auth-0.9.3-84.1.el6.s390x.rpm
File outdated by:  RHSA-2013:1591
    MD5: e8f8b643b4388edc65a9de764831783f
SHA-256: 32f62746c60fa4d4be31f9162a365560dca145575271a271beafd93aed6d95fa
 
x86_64:
openssh-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 33403c8e1ec809a50b3c94677c30a975
SHA-256: 400608b957c53a348fd05acf7be56b24ddbef0f49aebed30c8c9fa46a978b905
openssh-askpass-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 58ac116c6482590b9f187d7bada44041
SHA-256: ac9fb82c1b3e5c3bd41c555e7ad7812c69b52a1df93a401b0f25d08a564750f5
openssh-clients-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 53694ab12b0132ed7fa756bd01a56950
SHA-256: aa903886a2a04a27774ee6a420f36b39650d72144e165765b9c0c801ec11d5e2
openssh-debuginfo-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 341fd0846b5c0e2f380af45e276b1e59
SHA-256: b13d9dc849c942d55948a409b3da837315c9c1cfd3092a218690f19c81dbd3e5
openssh-debuginfo-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 618b0a16c1d33a518e9c5f046d3594d5
SHA-256: df6c8dd25d582a21679e5a5e0c059fa680077d67c1bf65642f04f4ea3f9a056d
openssh-ldap-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 4edd593d13c3fa8f8461f7cfee15cc60
SHA-256: 3f3780b0e403062a84c67b4023c08adc9d59854d9a9584fb1bcd4b22c605a24c
openssh-server-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6d9077733514d121848dfa7d235bb49e
SHA-256: 8b9c5f3840abb97b5b2b831d08005ab35be6309614c9c6b3185d65424a758bc0
pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: e0be34995d3a77e619c07a5edb49cb20
SHA-256: c006402d0c7758c6e83a96d59837562b1dc13aad681ccb4517ad57eeab3ebb6c
pam_ssh_agent_auth-0.9.3-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: be3258d323291b5b9d76eba8d1fc03a8
SHA-256: 3fe861d4c4c3e6ed8047c00f4839f2a58123a7ed2ada7454b16e501fffa6827a
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
openssh-5.3p1-84.1.el6.src.rpm
File outdated by:  RHSA-2013:1591
    MD5: 0f7c6676e32b0437920170c02409f0b2
SHA-256: d943c2596e8cb2ad094615b5a69205320812b61887debe07a57b4bf26a237b30
 
IA-32:
openssh-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 09054f4f684eeb1f2489d667b658b0b5
SHA-256: e7528ca490d2550b49ea1889acd943522967f193abc8aaffd500d9c1d29fd4dd
openssh-askpass-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 715b63cf12020ef857237fc2770e916a
SHA-256: 0c40d87e52cbcb81dfbd730371bedb0b59f8e30dc3aa1e7bebe578f3d86272d4
openssh-clients-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: ef39e03b1821694912f19447a823268c
SHA-256: 2f56f48ec140596c58346b2a0453ea01cb54a8c1c536c3d33e77bf81d669f0a2
openssh-debuginfo-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 341fd0846b5c0e2f380af45e276b1e59
SHA-256: b13d9dc849c942d55948a409b3da837315c9c1cfd3092a218690f19c81dbd3e5
openssh-ldap-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: c3276e195e0db791ed31921ffb66dac8
SHA-256: a24e811d18e45b7f42248d1f64b64112a3f39ee17d05fe9682c80204a229687b
openssh-server-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 708aa6ce72735e2762435226e442005b
SHA-256: 0341b5af8e3a2bc3c9a42d6a73f4e7f2d31ceccb4a65f1de395b08daf10f6f36
pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: e0be34995d3a77e619c07a5edb49cb20
SHA-256: c006402d0c7758c6e83a96d59837562b1dc13aad681ccb4517ad57eeab3ebb6c
 
x86_64:
openssh-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 33403c8e1ec809a50b3c94677c30a975
SHA-256: 400608b957c53a348fd05acf7be56b24ddbef0f49aebed30c8c9fa46a978b905
openssh-askpass-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 58ac116c6482590b9f187d7bada44041
SHA-256: ac9fb82c1b3e5c3bd41c555e7ad7812c69b52a1df93a401b0f25d08a564750f5
openssh-clients-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 53694ab12b0132ed7fa756bd01a56950
SHA-256: aa903886a2a04a27774ee6a420f36b39650d72144e165765b9c0c801ec11d5e2
openssh-debuginfo-5.3p1-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: 341fd0846b5c0e2f380af45e276b1e59
SHA-256: b13d9dc849c942d55948a409b3da837315c9c1cfd3092a218690f19c81dbd3e5
openssh-debuginfo-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 618b0a16c1d33a518e9c5f046d3594d5
SHA-256: df6c8dd25d582a21679e5a5e0c059fa680077d67c1bf65642f04f4ea3f9a056d
openssh-ldap-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 4edd593d13c3fa8f8461f7cfee15cc60
SHA-256: 3f3780b0e403062a84c67b4023c08adc9d59854d9a9584fb1bcd4b22c605a24c
openssh-server-5.3p1-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: 6d9077733514d121848dfa7d235bb49e
SHA-256: 8b9c5f3840abb97b5b2b831d08005ab35be6309614c9c6b3185d65424a758bc0
pam_ssh_agent_auth-0.9.3-84.1.el6.i686.rpm
File outdated by:  RHSA-2013:1591
    MD5: e0be34995d3a77e619c07a5edb49cb20
SHA-256: c006402d0c7758c6e83a96d59837562b1dc13aad681ccb4517ad57eeab3ebb6c
pam_ssh_agent_auth-0.9.3-84.1.el6.x86_64.rpm
File outdated by:  RHSA-2013:1591
    MD5: be3258d323291b5b9d76eba8d1fc03a8
SHA-256: 3fe861d4c4c3e6ed8047c00f4839f2a58123a7ed2ada7454b16e501fffa6827a
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

821641 - Document possible options to RequiredAuthentications1/2
826720 - sshd initscript clobbers other sshd processes.
834618 - CVE-2012-5536 pam_ssh_agent_auth: symbol crash leading to glibc error() called incorrectly
836650 - ssh-copy-id returns 0 even if the actual operation fails.
857760 - Error/typo in openssh-ldap HOWTO file
869903 - RequiredAuthentications2 does not work in Match blocks as documented.


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/