- Issued:
- 2010-03-30
- Updated:
- 2010-03-30
RHBA-2010:0193 - Bug Fix Advisory
Synopsis
openssh bug fix update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated openssh packages that fix various bugs and add an enhancement are
now available.
Description
OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These
packages include the core files necessary for both the OpenSSH client and
server.
These packages address the following bugs:
- When sshd used multiple SFTP channels simultaneously, each SFTP channel
leaked a unix socket. This socket leak could have eventually caused the
sshd daemon to monopolize system resources. The bug has been fixed with
these updated packages by ensuring that there is no socket leak within a
subsystem. (BZ#530358)
- If a zero length SSH2 DSA key existed, the ssh init script would hang.
This issue has been fixed by allowing the ssh init script to automatically
overwrite any zero length keys that exist. The ssh init script now
functions as expected, even if a zero length key exists before execution of
the script. (BZ#531738)
As well, these updated packages add the following enhancement:
- A call to RAND_cleanup() has been added to ssh and sshd to clean the PRNG
status when exiting the program. This enhancement also ensures FIPS-140-2
compliance. (BZ#557164)
All openssh users should upgrade to these updated packages, which resolve
these issues.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 530358 - sshd leaks a unix socket after each use of a sftp channel
- BZ - 531738 - System hangs when generating SSH2 DSA key
CVEs
(none)
References
(none)
Note:
More recent versions of these packages may be available.
Click a package name for more details.
Red Hat Enterprise Linux Server 5
| SRPM | |
|---|---|
| openssh-4.3p2-41.el5.src.rpm | SHA-256: 4f40b31bd148e331f49c568c08f6b5a7b82f569148fd3826ce16a977d9bcb384 |
| x86_64 | |
| openssh-4.3p2-41.el5.x86_64.rpm | SHA-256: 3ff9e0944e0dc11cea599c48a18d0d657b7fd2d8acbe23f25a7afbcfa5911d11 |
| openssh-askpass-4.3p2-41.el5.x86_64.rpm | SHA-256: 8561d030cd797f61f76993544eacb6e3bffebf459bfcf766315f98d812b863ea |
| openssh-clients-4.3p2-41.el5.x86_64.rpm | SHA-256: 2826d6951d49e217ccb3bcf7e05b4322afd568be890f99966a952d506e710154 |
| openssh-server-4.3p2-41.el5.x86_64.rpm | SHA-256: c286901307e47fbf31a76c8edaea218507eae80836fd634a2669904bfeac9d78 |
| ia64 | |
| openssh-4.3p2-41.el5.ia64.rpm | SHA-256: 3267c15edba7d04fa7572abf9a5fe57f9002a576c7282e70e1ca68e2e7c95fc6 |
| openssh-askpass-4.3p2-41.el5.ia64.rpm | SHA-256: 5011a33264b271840fba5814c228e758bbdc801e5e422766c5733265629e2acb |
| openssh-clients-4.3p2-41.el5.ia64.rpm | SHA-256: 9ea91a204a0533e64b371c070e4d30a522f31c6977e22cb65e3731314f5984aa |
| openssh-server-4.3p2-41.el5.ia64.rpm | SHA-256: 3115ccc713d9a582ed57feb3b2d0a1e92a147eedef80e935a4f510cb89871dac |
| i386 | |
| openssh-4.3p2-41.el5.i386.rpm | SHA-256: a9be9bdfeb35777bde2a4fd249b3c6b2d2fc7aa9a03ec04da7b1d55878503caf |
| openssh-askpass-4.3p2-41.el5.i386.rpm | SHA-256: 60622ac647efa583d9891ceba35ea3aa1448b3ce3c8bf856ba628c69a8fbab93 |
| openssh-clients-4.3p2-41.el5.i386.rpm | SHA-256: 7453661c486ec6092e7d45497a9133eb4c97e82b3ff18af60c2c23af14a02081 |
| openssh-server-4.3p2-41.el5.i386.rpm | SHA-256: c2c4fd3a83b28ab899e7a00ae29278ce04ac386c02154a8b15ed5283156fcd99 |
Red Hat Enterprise Linux Workstation 5
| SRPM | |
|---|---|
| openssh-4.3p2-41.el5.src.rpm | SHA-256: 4f40b31bd148e331f49c568c08f6b5a7b82f569148fd3826ce16a977d9bcb384 |
| x86_64 | |
| openssh-4.3p2-41.el5.x86_64.rpm | SHA-256: 3ff9e0944e0dc11cea599c48a18d0d657b7fd2d8acbe23f25a7afbcfa5911d11 |
| openssh-askpass-4.3p2-41.el5.x86_64.rpm | SHA-256: 8561d030cd797f61f76993544eacb6e3bffebf459bfcf766315f98d812b863ea |
| openssh-clients-4.3p2-41.el5.x86_64.rpm | SHA-256: 2826d6951d49e217ccb3bcf7e05b4322afd568be890f99966a952d506e710154 |
| openssh-server-4.3p2-41.el5.x86_64.rpm | SHA-256: c286901307e47fbf31a76c8edaea218507eae80836fd634a2669904bfeac9d78 |
| i386 | |
| openssh-4.3p2-41.el5.i386.rpm | SHA-256: a9be9bdfeb35777bde2a4fd249b3c6b2d2fc7aa9a03ec04da7b1d55878503caf |
| openssh-askpass-4.3p2-41.el5.i386.rpm | SHA-256: 60622ac647efa583d9891ceba35ea3aa1448b3ce3c8bf856ba628c69a8fbab93 |
| openssh-clients-4.3p2-41.el5.i386.rpm | SHA-256: 7453661c486ec6092e7d45497a9133eb4c97e82b3ff18af60c2c23af14a02081 |
| openssh-server-4.3p2-41.el5.i386.rpm | SHA-256: c2c4fd3a83b28ab899e7a00ae29278ce04ac386c02154a8b15ed5283156fcd99 |
Red Hat Enterprise Linux Desktop 5
| SRPM | |
|---|---|
| openssh-4.3p2-41.el5.src.rpm | SHA-256: 4f40b31bd148e331f49c568c08f6b5a7b82f569148fd3826ce16a977d9bcb384 |
| x86_64 | |
| openssh-4.3p2-41.el5.x86_64.rpm | SHA-256: 3ff9e0944e0dc11cea599c48a18d0d657b7fd2d8acbe23f25a7afbcfa5911d11 |
| openssh-askpass-4.3p2-41.el5.x86_64.rpm | SHA-256: 8561d030cd797f61f76993544eacb6e3bffebf459bfcf766315f98d812b863ea |
| openssh-clients-4.3p2-41.el5.x86_64.rpm | SHA-256: 2826d6951d49e217ccb3bcf7e05b4322afd568be890f99966a952d506e710154 |
| openssh-server-4.3p2-41.el5.x86_64.rpm | SHA-256: c286901307e47fbf31a76c8edaea218507eae80836fd634a2669904bfeac9d78 |
| i386 | |
| openssh-4.3p2-41.el5.i386.rpm | SHA-256: a9be9bdfeb35777bde2a4fd249b3c6b2d2fc7aa9a03ec04da7b1d55878503caf |
| openssh-askpass-4.3p2-41.el5.i386.rpm | SHA-256: 60622ac647efa583d9891ceba35ea3aa1448b3ce3c8bf856ba628c69a8fbab93 |
| openssh-clients-4.3p2-41.el5.i386.rpm | SHA-256: 7453661c486ec6092e7d45497a9133eb4c97e82b3ff18af60c2c23af14a02081 |
| openssh-server-4.3p2-41.el5.i386.rpm | SHA-256: c2c4fd3a83b28ab899e7a00ae29278ce04ac386c02154a8b15ed5283156fcd99 |
Red Hat Enterprise Linux for IBM z Systems 5
| SRPM | |
|---|---|
| openssh-4.3p2-41.el5.src.rpm | SHA-256: 4f40b31bd148e331f49c568c08f6b5a7b82f569148fd3826ce16a977d9bcb384 |
| s390x | |
| openssh-4.3p2-41.el5.s390x.rpm | SHA-256: 82da1c7c82f3ba992457de53172cbf38027194fb7915f0cf24ebc3c36de6c723 |
| openssh-askpass-4.3p2-41.el5.s390x.rpm | SHA-256: bb36525dbda711f4ef4e1fa6cd102cb547cfbbf39b59929b38ee9d51eb5d4d33 |
| openssh-clients-4.3p2-41.el5.s390x.rpm | SHA-256: c34654625f9e3f1a6d218b8e920c604782c4c73e348867ed2af9577418c5472d |
| openssh-server-4.3p2-41.el5.s390x.rpm | SHA-256: f5f76e50c461dffa925af2613ab2886f9a3f603601c95a3e3a276a22564f1ce4 |
Red Hat Enterprise Linux for Power, big endian 5
| SRPM | |
|---|---|
| openssh-4.3p2-41.el5.src.rpm | SHA-256: 4f40b31bd148e331f49c568c08f6b5a7b82f569148fd3826ce16a977d9bcb384 |
| ppc | |
| openssh-4.3p2-41.el5.ppc.rpm | SHA-256: f77fc4e29e060d7bc7a5a03b4ed5bbca47b860b20ab105c77a82ca17746cc9f7 |
| openssh-askpass-4.3p2-41.el5.ppc.rpm | SHA-256: 1a07e7642de4c8cb4dbf991ffdeeb54dc24c7fa97de6678b69ae3327f756b112 |
| openssh-clients-4.3p2-41.el5.ppc.rpm | SHA-256: 9694d710b8f7e43c511cb9272d5dde9da00885e659d9ddfc1c0b27a777c40b62 |
| openssh-server-4.3p2-41.el5.ppc.rpm | SHA-256: a39ede0d2d4354429c7e5e44624fe2ed9cf1a61c1c5de74bfaf57a8c5296b8da |
Red Hat Enterprise Linux Server from RHUI 5
| SRPM | |
|---|---|
| openssh-4.3p2-41.el5.src.rpm | SHA-256: 4f40b31bd148e331f49c568c08f6b5a7b82f569148fd3826ce16a977d9bcb384 |
| x86_64 | |
| openssh-4.3p2-41.el5.x86_64.rpm | SHA-256: 3ff9e0944e0dc11cea599c48a18d0d657b7fd2d8acbe23f25a7afbcfa5911d11 |
| openssh-askpass-4.3p2-41.el5.x86_64.rpm | SHA-256: 8561d030cd797f61f76993544eacb6e3bffebf459bfcf766315f98d812b863ea |
| openssh-clients-4.3p2-41.el5.x86_64.rpm | SHA-256: 2826d6951d49e217ccb3bcf7e05b4322afd568be890f99966a952d506e710154 |
| openssh-server-4.3p2-41.el5.x86_64.rpm | SHA-256: c286901307e47fbf31a76c8edaea218507eae80836fd634a2669904bfeac9d78 |
| i386 | |
| openssh-4.3p2-41.el5.i386.rpm | SHA-256: a9be9bdfeb35777bde2a4fd249b3c6b2d2fc7aa9a03ec04da7b1d55878503caf |
| openssh-askpass-4.3p2-41.el5.i386.rpm | SHA-256: 60622ac647efa583d9891ceba35ea3aa1448b3ce3c8bf856ba628c69a8fbab93 |
| openssh-clients-4.3p2-41.el5.i386.rpm | SHA-256: 7453661c486ec6092e7d45497a9133eb4c97e82b3ff18af60c2c23af14a02081 |
| openssh-server-4.3p2-41.el5.i386.rpm | SHA-256: c2c4fd3a83b28ab899e7a00ae29278ce04ac386c02154a8b15ed5283156fcd99 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
