openssh 4.3 backporting for CVE-2012-0814 CVE-2008-3259 CVE-2007-4752 CVE-2008-1483 CVE-2008-5161 CVE-2006-5051 CVE-2006-4924

Solution In Progress - Updated -

Issue

After running vulnerability for one of our RHEL5 server we see the below vulnerabilities detected from the report.

CVE ID:

CVE-2012-0814
CVE-2008-3259
CVE-2007-4752
CVE-2008-1483
CVE-2008-5161
CVE-2006-5051
CVE-2006-4924

The suggest solution for the version is to upgrade the open ssh package to 4.4 or latest version. But for the RHEl5.9 version we see only 4.3 version package is available in rhn respository.

Could you please let us know whether above CVE ID'are backported in openssh 4.3 current version.

[root@server ~]# rpm -qa | grep openssh
openssh-4.3p2-82.el5
openssh-server-4.3p2-82.el5
openssh-clients-4.3p2-82.el5
openssh-askpass-4.3p2-82.el5

Environment

Red Hat Enterprise Linux 5.9

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content