[Oraclevm-errata] OVMSA-2016-0030 Important: Oracle VM 3.2 openssh security update

Errata Announcements for Oracle VM oraclevm-errata at oss.oracle.com
Wed Feb 24 18:54:21 PST 2016


Oracle VM Security Advisory OVMSA-2016-0030

The following updated rpms for Oracle VM 3.2 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
openssh-4.3p2-82.0.1.el5.x86_64.rpm
openssh-clients-4.3p2-82.0.1.el5.x86_64.rpm
openssh-server-4.3p2-82.0.1.el5.x86_64.rpm


SRPMS:
http://oss.oracle.com/oraclevm/server/3.2/SRPMS-updates/openssh-4.3p2-82.0.1.el5.src.rpm



Description of changes:

[4.3p2-82.0.1]
- change default value of MaxStartups - CVE-2010-5107 (John Haxby) 
[orabug 22766491]

[4.3p2-82]
- improve RNG seeding from /dev/random (#681291,#708056)

[4.3p2-81]
- make ssh(1)'s ConnectTimeout option apply to both the TCP connection and
   SSH banner exchange (#750725)

[4.3p2-80]
- use IPV6_V6ONLY for sshd inet6 listening socket (#640857)

[4.3p2-79]
- add LANGUAGE to the sent/accepted evvironment (#710229)
- ssh-copy-id copies now id_rsa.pub by default (#731930)
- repairs man pages (#731925)

[4.3p2-78]
- set cloexec on accept socket (#642935)
- add umask to sftp (#720598)
- enable lastolg for big uids (#706315)

[4.3p2-77]
- enable selinux domain transition to passwd_t (#689406)

[4.3p2-76]
- enable pubkey auth in the fips mode (#674747)

[4.3p2-75]
- improve resseding the prng from /dev/urandom or /dev/random 
respectively (#681291)

[4.3p2-73]
- periodically ressed the prng from /dev/urandom or /dev/random 
respectively (#681291)

[4.3p2-72]
- change cipher preferences (#661716)

[4.3p2-71]
- change cipher preferences (#661716)
- enable to run sshd as non root user (#661669)

[4.3p2-70]
- reenable rekeying (#659242)

[4.3p2-69]
- add nss keys to key audit patch (#632402)

[4.3p2-68]
- key audit patch (#632402)

[4.3p2-47]
- supply forced command documentation (#532559)

[4.3p2-46]
- compile in the OpenSSL engine support

[4.3p2-45]
- record lastlog with big uid (#616396)

[4.3p2-44]
- add OpenSSL engine support (#594815)

[4.3p2-43]
- backport forced command directive (#532559)

[4.3p2-42]
- stderr does not more disturb sftp (#576765)




More information about the Oraclevm-errata mailing list