[SECURITY] Fedora Core 6 Test Update: openssh-4.3p2-25.fc6
Tomas Mraz
tmraz at redhat.com
Mon Oct 8 13:57:19 UTC 2007
---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2007-715
2007-10-08
---------------------------------------------------------------------
Product : Fedora Core 6
Name : openssh
Version : 4.3p2
Release : 25.fc6
Summary : The OpenSSH implementation of SSH protocol versions 1 and 2
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.
OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features, as well as removing
all patented algorithms to separate libraries.
This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.
---------------------------------------------------------------------
* Tue Oct 2 2007 Tomas Mraz <tmraz at redhat.com> - 4.3p2-25
- do not fall back on trusted X11 cookies (CVE-2007-4752) (#280471)
* Fri Jul 13 2007 Tomas Mraz <tmraz at redhat.com> - 4.3p2-24
- fixed audit log injection problem (CVE-2007-3102) (#248059)
* Thu Jun 21 2007 Tomas Mraz <tmraz at redhat.com> - 4.3p2-23
- document where the nss certificate and token dbs are looked for
* Wed Jun 20 2007 Tomas Mraz <tmraz at redhat.com> - 4.3p2-22
- experimental support for PKCS#11 tokens through libnss3 (#183423)
* Tue Apr 3 2007 Tomas Mraz <tmraz at redhat.com> - 4.3p2-21
- correctly setup context when empty level requested (#234951)
- and always request default level as returned by getseuserbyname (#231695)
* Fri Mar 30 2007 Miloslav Trmac <mitr at redhat.com> - 4.3p2-19
- Fix an information leak in Kerberos password authentication (CVE-2006-5052)
Resolves: #234640
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/6/
0c8c346b345b424bdd1d879ee9a36eb800e1e6be SRPMS/openssh-4.3p2-25.fc6.src.rpm
0c8c346b345b424bdd1d879ee9a36eb800e1e6be noarch/openssh-4.3p2-25.fc6.src.rpm
f9860351ac40f17d0eb2e9c27adcb1431cda608c ppc/openssh-server-4.3p2-25.fc6.ppc.rpm
c704b271e5f429cd813a618429b6e79fb9cf16fe ppc/openssh-4.3p2-25.fc6.ppc.rpm
94a1ded1fb2791797837eb9f6c53b6537fc88a37 ppc/debug/openssh-debuginfo-4.3p2-25.fc6.ppc.rpm
f7661e3fedacd56f103ee92cf2356eaff2dbaf9d ppc/openssh-clients-4.3p2-25.fc6.ppc.rpm
b1b1a93fe0cc2ab21dbf1ebdb3da7546782e2bf9 ppc/openssh-askpass-4.3p2-25.fc6.ppc.rpm
379d4aec8e7f0d480887eaafd58d1c86651b2467 x86_64/openssh-4.3p2-25.fc6.x86_64.rpm
7ffa2f7cd6d35b256881a0ca561fc2fc521b977a x86_64/openssh-clients-4.3p2-25.fc6.x86_64.rpm
becde4431f181bd437b56a62a2c45418dbb41308 x86_64/openssh-askpass-4.3p2-25.fc6.x86_64.rpm
a0eeba3c8041220f56cedbd37dcf396932ee33bd x86_64/openssh-server-4.3p2-25.fc6.x86_64.rpm
3103db685dbdeffa0b879059719148efbf3514c1 x86_64/debug/openssh-debuginfo-4.3p2-25.fc6.x86_64.rpm
53ba58740015de3e19a62b3000d76499826a87c7 i386/openssh-askpass-4.3p2-25.fc6.i386.rpm
13918a94f4b864578b51142ebeaa0b9daa82be39 i386/debug/openssh-debuginfo-4.3p2-25.fc6.i386.rpm
793ba5998b3f440581de5ba53fa079538929df06 i386/openssh-4.3p2-25.fc6.i386.rpm
430a5a34d35a5e89055d3a939dc0a517e0e9498d i386/openssh-server-4.3p2-25.fc6.i386.rpm
62bc02d92b3732cff85dfcb5dc4346a0b6d637e1 i386/openssh-clients-4.3p2-25.fc6.i386.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the fedora-test-list
mailing list