[SECURITY] Fedora Core 4 Update: openssh-4.2p1-fc4.10

Tomas Mraz tmraz at redhat.com
Mon Jan 23 17:09:42 UTC 2006


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-056
2006-01-23
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : openssh
Version     : 4.2p1                      
Release     : fc4.10                  
Summary     : The OpenSSH implementation of SSH protocol versions 1 and 2.
Description :
SSH (Secure SHell) is a program for logging into and executing
commands on a remote machine. SSH is intended to replace rlogin and
rsh, and to provide secure encrypted communications between two
untrusted hosts over an insecure network. X11 connections and
arbitrary TCP/IP ports can also be forwarded over the secure channel.

OpenSSH is OpenBSD's version of the last free version of SSH, bringing
it up to date in terms of security and features, as well as removing
all patented algorithms to separate libraries.

This package includes the core files necessary for both the OpenSSH
client and server. To make this package useful, you should also
install openssh-clients, openssh-server, or both.

---------------------------------------------------------------------
Update Information:

This is a minor security update which fixes double shell
expansion in local to local and remote to remote copy with
scp. It also fixes a few other minor non-security issues.

---------------------------------------------------------------------
* Mon Jan 23 2006 Tomas Mraz <tmraz at redhat.com> 4.2p1-fc4.10
- upstream patch for regression in X11 forwarding (#168703)
- _GNU_SOURCE should be used instead of __USE_GNU
- use fork+exec instead of system in scp - CVE-2006-0225 (#168167)
- upstream patch for displaying authentication errors
- install ssh-copy-id from contrib (#88707)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

994fee18b120794ffe1ff86ad7bf131ee8b88ccf  SRPMS/openssh-4.2p1-fc4.10.src.rpm
6bcc9cd98830e18b0159564176fa009c46b80856  ppc/openssh-4.2p1-fc4.10.ppc.rpm
d40dba0afd9822437ed7a5a696ee3daa279411ec  ppc/openssh-clients-4.2p1-fc4.10.ppc.rpm
c94bb942d7792b9afa900dd0287949e04ca32b28  ppc/openssh-server-4.2p1-fc4.10.ppc.rpm
05e7f1c5319ff9570a9e845f8c700fe90c7c31b5  ppc/openssh-askpass-4.2p1-fc4.10.ppc.rpm
b6e551070bbee67f7fd946911c97178626d3da65  ppc/openssh-askpass-gnome-4.2p1-fc4.10.ppc.rpm
f480a6976ff55113f91feab46595e6d635261e2c  ppc/debug/openssh-debuginfo-4.2p1-fc4.10.ppc.rpm
0165741a413a34444d01b258438277bbd9bddf2d  x86_64/openssh-4.2p1-fc4.10.x86_64.rpm
2cf77f379b5c23d79aae51dc9c6b1d57d0f09c26  x86_64/openssh-clients-4.2p1-fc4.10.x86_64.rpm
552067e9c66d6a9ad7948456f647639f80c5a704  x86_64/openssh-server-4.2p1-fc4.10.x86_64.rpm
e9ff3b7547b24c008e971ebab33a0c6129337388  x86_64/openssh-askpass-4.2p1-fc4.10.x86_64.rpm
02ca70440cdbc3a0d120c33f86e6a478e8a8dca6  x86_64/openssh-askpass-gnome-4.2p1-fc4.10.x86_64.rpm
5bc5c6c6f70beea25bfadc187468b2bf5c1d4559  x86_64/debug/openssh-debuginfo-4.2p1-fc4.10.x86_64.rpm
5f807379bdf5b01a2832c7098bebead38dd1d9e7  i386/openssh-4.2p1-fc4.10.i386.rpm
381e4cec46f4e8f52ef025ecc12f3550fd9047f8  i386/openssh-clients-4.2p1-fc4.10.i386.rpm
c829cdaecc4e1717602b71f5801446048605d0e3  i386/openssh-server-4.2p1-fc4.10.i386.rpm
27da09faab909fa05fe25d4f7193e85a19d11f57  i386/openssh-askpass-4.2p1-fc4.10.i386.rpm
f5ae2f000b0b6daa7f8f630a5ca21de6bb296459  i386/openssh-askpass-gnome-4.2p1-fc4.10.i386.rpm
118203388385081425531090a807e71116eaae88  i386/debug/openssh-debuginfo-4.2p1-fc4.10.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------




More information about the announce mailing list