Red Hat Product Errata RHSA-2009:1470 - Security Advisory
Issued:
2009-09-30
Updated:
2009-09-30

RHSA-2009:1470 - Security Advisory

Synopsis

Moderate: openssh security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openssh packages that fix a security issue are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

Description

OpenSSH is OpenBSD's SSH (Secure Shell) protocol implementation. These
packages include the core files necessary for both the OpenSSH client and
server.

A Red Hat specific patch used in the openssh packages as shipped in Red
Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened certain ownership
requirements for directories used as arguments for the ChrootDirectory
configuration options. A malicious user that also has or previously had
non-chroot shell access to a system could possibly use this flaw to
escalate their privileges and run commands as any system user.
(CVE-2009-2904)

All OpenSSH users are advised to upgrade to these updated packages, which
contain a backported patch to resolve this issue. After installing this
update, the OpenSSH server daemon (sshd) will be restarted automatically.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Affected Products

  • Red Hat Enterprise Linux Server 5 x86_64
  • Red Hat Enterprise Linux Server 5 ia64
  • Red Hat Enterprise Linux Server 5 i386
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 ia64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4 i386
  • Red Hat Enterprise Linux Workstation 5 x86_64
  • Red Hat Enterprise Linux Workstation 5 i386
  • Red Hat Enterprise Linux Desktop 5 x86_64
  • Red Hat Enterprise Linux Desktop 5 i386
  • Red Hat Enterprise Linux for IBM z Systems 5 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4 s390x
  • Red Hat Enterprise Linux for Power, big endian 5 ppc
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4 ppc
  • Red Hat Enterprise Linux Server from RHUI 5 x86_64
  • Red Hat Enterprise Linux Server from RHUI 5 i386

Fixes

  • BZ - 522141 - CVE-2009-2904 openssh: possible privilege escalation when using ChrootDirectory setting

Red Hat Enterprise Linux Server 5

SRPM
openssh-4.3p2-36.el5_4.2.src.rpm SHA-256: adf779ff515428f5566fcee27cf7d7ed2ec2eb58d2d6603775901d53defcfcc9
x86_64
openssh-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: db11aef11c9c8680af7a5401b712b90ea724a0eef0237bf1790ab957ae221285
openssh-askpass-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4479ed9de216fef0609245385fd02526389b8ded065ae3ab9284a8f46a90c2cc
openssh-clients-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4e41cb567e1a17988abeb96434be053fcb9c5dbe1baec1b2528c89602ab02154
openssh-server-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4eb8ac05eb388be5f7160a27b0b52581836b50ba5d54ef53fbdb467ea7b689b1
ia64
openssh-4.3p2-36.el5_4.2.ia64.rpm SHA-256: 009486b5d60f8f77c8d4df7f5c02fcd8b5d87f7e47cf17347ce642db7bb81051
openssh-askpass-4.3p2-36.el5_4.2.ia64.rpm SHA-256: 2cdfd8f60798079e5c1ae997c6747268609310f218a549b4a74531d50a38c8b0
openssh-clients-4.3p2-36.el5_4.2.ia64.rpm SHA-256: e5f8180bf5c0f804a854fe12c289cd2a354ce8ec8b80030e1797cd3df72650a3
openssh-server-4.3p2-36.el5_4.2.ia64.rpm SHA-256: d45cff6fe1a6398fbd117869e7a88d29ca204e02303a02dcc828d93bc7e8e881
i386
openssh-4.3p2-36.el5_4.2.i386.rpm SHA-256: 0cad3a050bd6976617070cf6fbf546e7a476618fc9df4dd57b114c0b00b82116
openssh-askpass-4.3p2-36.el5_4.2.i386.rpm SHA-256: ade4d4d7438f801edfc584c77cae431d58629a8e65989dff3fec0eb9a0c67adc
openssh-clients-4.3p2-36.el5_4.2.i386.rpm SHA-256: f7bba90c1be3f7d8fb62b2fde66557af70a75e7e42f55df7c8b31945a8f6acbc
openssh-server-4.3p2-36.el5_4.2.i386.rpm SHA-256: 2c46a28d60ca7b0239e18eaeeb1d6becd847e89de4b655853659d727b4dae410

Red Hat Enterprise Linux for x86_64 - Extended Update Support 5.4

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 5

SRPM
openssh-4.3p2-36.el5_4.2.src.rpm SHA-256: adf779ff515428f5566fcee27cf7d7ed2ec2eb58d2d6603775901d53defcfcc9
x86_64
openssh-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: db11aef11c9c8680af7a5401b712b90ea724a0eef0237bf1790ab957ae221285
openssh-askpass-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4479ed9de216fef0609245385fd02526389b8ded065ae3ab9284a8f46a90c2cc
openssh-clients-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4e41cb567e1a17988abeb96434be053fcb9c5dbe1baec1b2528c89602ab02154
openssh-server-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4eb8ac05eb388be5f7160a27b0b52581836b50ba5d54ef53fbdb467ea7b689b1
i386
openssh-4.3p2-36.el5_4.2.i386.rpm SHA-256: 0cad3a050bd6976617070cf6fbf546e7a476618fc9df4dd57b114c0b00b82116
openssh-askpass-4.3p2-36.el5_4.2.i386.rpm SHA-256: ade4d4d7438f801edfc584c77cae431d58629a8e65989dff3fec0eb9a0c67adc
openssh-clients-4.3p2-36.el5_4.2.i386.rpm SHA-256: f7bba90c1be3f7d8fb62b2fde66557af70a75e7e42f55df7c8b31945a8f6acbc
openssh-server-4.3p2-36.el5_4.2.i386.rpm SHA-256: 2c46a28d60ca7b0239e18eaeeb1d6becd847e89de4b655853659d727b4dae410

Red Hat Enterprise Linux Desktop 5

SRPM
openssh-4.3p2-36.el5_4.2.src.rpm SHA-256: adf779ff515428f5566fcee27cf7d7ed2ec2eb58d2d6603775901d53defcfcc9
x86_64
openssh-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: db11aef11c9c8680af7a5401b712b90ea724a0eef0237bf1790ab957ae221285
openssh-askpass-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4479ed9de216fef0609245385fd02526389b8ded065ae3ab9284a8f46a90c2cc
openssh-clients-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4e41cb567e1a17988abeb96434be053fcb9c5dbe1baec1b2528c89602ab02154
openssh-server-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4eb8ac05eb388be5f7160a27b0b52581836b50ba5d54ef53fbdb467ea7b689b1
i386
openssh-4.3p2-36.el5_4.2.i386.rpm SHA-256: 0cad3a050bd6976617070cf6fbf546e7a476618fc9df4dd57b114c0b00b82116
openssh-askpass-4.3p2-36.el5_4.2.i386.rpm SHA-256: ade4d4d7438f801edfc584c77cae431d58629a8e65989dff3fec0eb9a0c67adc
openssh-clients-4.3p2-36.el5_4.2.i386.rpm SHA-256: f7bba90c1be3f7d8fb62b2fde66557af70a75e7e42f55df7c8b31945a8f6acbc
openssh-server-4.3p2-36.el5_4.2.i386.rpm SHA-256: 2c46a28d60ca7b0239e18eaeeb1d6becd847e89de4b655853659d727b4dae410

Red Hat Enterprise Linux for IBM z Systems 5

SRPM
openssh-4.3p2-36.el5_4.2.src.rpm SHA-256: adf779ff515428f5566fcee27cf7d7ed2ec2eb58d2d6603775901d53defcfcc9
s390x
openssh-4.3p2-36.el5_4.2.s390x.rpm SHA-256: 16603a7045e84cead418b152241282bddae16c3edfbd264f79aa20889831c793
openssh-askpass-4.3p2-36.el5_4.2.s390x.rpm SHA-256: b0e42d8fa74822e807e1406f96db5ce9b9fe08930eb733a4b665e43c69c1330c
openssh-clients-4.3p2-36.el5_4.2.s390x.rpm SHA-256: dda9419a8f697348e9eaa118e14112e2eb6cfd1d191a8bbc01f659557c2922f7
openssh-server-4.3p2-36.el5_4.2.s390x.rpm SHA-256: 58a290288abb9bbea04bec05c09fdb563166654b918b7e72bf2679941765ed9b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 5.4

SRPM
s390x

Red Hat Enterprise Linux for Power, big endian 5

SRPM
openssh-4.3p2-36.el5_4.2.src.rpm SHA-256: adf779ff515428f5566fcee27cf7d7ed2ec2eb58d2d6603775901d53defcfcc9
ppc
openssh-4.3p2-36.el5_4.2.ppc.rpm SHA-256: 96bc0cf8aa5dfe5f2c39815e82e3c551d414fc9e6f78cbcb5682312e6f3bbbff
openssh-askpass-4.3p2-36.el5_4.2.ppc.rpm SHA-256: 544c138b8834cd889a920962243ec2790797b5aae83c48cc61ca9fbec9518511
openssh-clients-4.3p2-36.el5_4.2.ppc.rpm SHA-256: 18d87eb8d6cb7bee8c09d82ab24ca49462086f9072a5bad436622b27e09889cd
openssh-server-4.3p2-36.el5_4.2.ppc.rpm SHA-256: 877058bab8211da7599b04045a896dd1c216eaec3162fe81fb586d242c1c82bb

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 5.4

SRPM
ppc

Red Hat Enterprise Linux Server from RHUI 5

SRPM
openssh-4.3p2-36.el5_4.2.src.rpm SHA-256: adf779ff515428f5566fcee27cf7d7ed2ec2eb58d2d6603775901d53defcfcc9
x86_64
openssh-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: db11aef11c9c8680af7a5401b712b90ea724a0eef0237bf1790ab957ae221285
openssh-askpass-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4479ed9de216fef0609245385fd02526389b8ded065ae3ab9284a8f46a90c2cc
openssh-clients-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4e41cb567e1a17988abeb96434be053fcb9c5dbe1baec1b2528c89602ab02154
openssh-server-4.3p2-36.el5_4.2.x86_64.rpm SHA-256: 4eb8ac05eb388be5f7160a27b0b52581836b50ba5d54ef53fbdb467ea7b689b1
i386
openssh-4.3p2-36.el5_4.2.i386.rpm SHA-256: 0cad3a050bd6976617070cf6fbf546e7a476618fc9df4dd57b114c0b00b82116
openssh-askpass-4.3p2-36.el5_4.2.i386.rpm SHA-256: ade4d4d7438f801edfc584c77cae431d58629a8e65989dff3fec0eb9a0c67adc
openssh-clients-4.3p2-36.el5_4.2.i386.rpm SHA-256: f7bba90c1be3f7d8fb62b2fde66557af70a75e7e42f55df7c8b31945a8f6acbc
openssh-server-4.3p2-36.el5_4.2.i386.rpm SHA-256: 2c46a28d60ca7b0239e18eaeeb1d6becd847e89de4b655853659d727b4dae410

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.