RLSA-2024:0606

Synopsis

Moderate: openssh security update

Description

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)

* openssh: potential command injection via shell metacharacters (CVE-2023-51385)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 8 aarch64

Fixes

2254210 2255271

CVEs

CVE-2023-48795 CVE-2023-51385

Affected packages

Rocky Linux 8 aarch64 - BaseOS

openssh-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-0:8.0p1-19.el8_9.2.src.rpm openssh-cavs-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-cavs-debuginfo-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-clients-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-clients-debuginfo-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-debuginfo-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-debugsource-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-keycat-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-keycat-debuginfo-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-ldap-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-ldap-debuginfo-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-server-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-server-debuginfo-0:8.0p1-19.el8_9.2.aarch64.rpm pam_ssh_agent_auth-0:0.10.3-7.19.el8_9.2.aarch64.rpm pam_ssh_agent_auth-debuginfo-0:0.10.3-7.19.el8_9.2.aarch64.rpm

Rocky Linux 8 aarch64 - AppStream

openssh-askpass-0:8.0p1-19.el8_9.2.aarch64.rpm openssh-askpass-debuginfo-0:8.0p1-19.el8_9.2.aarch64.rpm