RHSA-2015:2088
Vulnerability Summary
Timeline
Description
Red Hat Security Advisory: openssh security, bug fix, and enhancement update
Affected Systems
- redhat•openssh
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•openssh-askpass
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•openssh-clients
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•openssh-debuginfo
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•openssh-keycat
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•openssh-ldap
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•openssh-server
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•openssh-server-sysvinit
< 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7 | < 0:6.6.1p1-22.el7
- redhat•pam_ssh_agent_auth
< 0:0.9.3-9.22.el7 | < 0:0.9.3-9.22.el7 | < 0:0.9.3-9.22.el7 | < 0:0.9.3-9.22.el7
References (26)
- https://access.redhat.com/errata/RHSA-2015:2088
- https://access.redhat.com/security/updates/classification/#moderate
- https://bugzilla.redhat.com/show_bug.cgi?id=1125110
- https://bugzilla.redhat.com/show_bug.cgi?id=1160377
- https://bugzilla.redhat.com/show_bug.cgi?id=1178116
- https://bugzilla.redhat.com/show_bug.cgi?id=1181591
- https://bugzilla.redhat.com/show_bug.cgi?id=1184938
- https://bugzilla.redhat.com/show_bug.cgi?id=1187597
- https://bugzilla.redhat.com/show_bug.cgi?id=1197666
- https://bugzilla.redhat.com/show_bug.cgi?id=1197989
- https://bugzilla.redhat.com/show_bug.cgi?id=1238238
- https://bugzilla.redhat.com/show_bug.cgi?id=1245969
- https://bugzilla.redhat.com/show_bug.cgi?id=1252844
- https://bugzilla.redhat.com/show_bug.cgi?id=1252852
- https://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_2088.json
- https://access.redhat.com/security/cve/CVE-2015-5600
- https://www.cve.org/CVERecord?id=CVE-2015-5600
- https://nvd.nist.gov/vuln/detail/CVE-2015-5600
- https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/
- https://access.redhat.com/security/cve/CVE-2015-6563
- https://www.cve.org/CVERecord?id=CVE-2015-6563
- https://nvd.nist.gov/vuln/detail/CVE-2015-6563
- http://www.openssh.com/txt/release-7.0
- https://access.redhat.com/security/cve/CVE-2015-6564
- https://www.cve.org/CVERecord?id=CVE-2015-6564
- https://nvd.nist.gov/vuln/detail/CVE-2015-6564