RHSA-2006:0697-01 Important: openssh security update
Posted on: 09/29/2006 03:30 AM

A new update is available for Red Hat Enterprise Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: openssh security update
Advisory ID: RHSA-2006:0697-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2006-0697.html
Issue date: 2006-09-28
Updated on: 2006-09-28
Product: Red Hat Enterprise Linux
CVE Names: CVE-2006-4924 CVE-2006-5051
- ---------------------------------------------------------------------

1. Summary:

Updated openssh packages that fix two security flaws are now available for
Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red Hat
Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. This
package includes the core files necessary for both the OpenSSH client and
server.

Mark Dowd discovered a signal handler race condition in the OpenSSH sshd
server. A remote attacker could possibly leverage this flaw to cause a
denial of service (crash). (CVE-2006-5051) The OpenSSH project believes the
likelihood of successful exploitation leading to arbitrary code execution
appears remote. However, the Red Hat Security Response Team have not yet
been able to verify this claim due to lack of upstream vulnerability
information. We are therefore including a fix for this flaw and have rated
it important security severity in the event our continued investigation
finds this issue to be exploitable.

Tavis Ormandy of the Google Security Team discovered a denial of service
bug in the OpenSSH sshd server. A remote attacker can send a specially
crafted SSH-1 request to the server causing sshd to consume a large
quantity of CPU resources. (CVE-2006-4924)

All users of openssh should upgrade to these updated packages, which
contain backported patches that resolves these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

207955 - CVE-2006-4924 openssh DoS
208347 - CVE-2006-5051 unsafe GSSAPI signal handler

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/openssh-3.6.1p2-33.30.12.src.rpm
8210acf1f435ab2035f18be8454293d4 openssh-3.6.1p2-33.30.12.src.rpm

i386:
89c6a0c942de0f4ad04f9bb025b8b92f openssh-3.6.1p2-33.30.12.i386.rpm
cfea382c2e368089b0b7ddd734d1b196 openssh-askpass-3.6.1p2-33.30.12.i386.rpm
48e8e543f87823d973b5e6b41b206eda openssh-askpass-gnome-3.6.1p2-33.30.12.i386.rpm
dfd7de84def7466a23f42d7773b7de86 openssh-clients-3.6.1p2-33.30.12.i386.rpm
bc0bad54903c78c47a4433a6b60e4a5c openssh-debuginfo-3.6.1p2-33.30.12.i386.rpm
3ac78136d49fa7a02673f4edc035ffe7 openssh-server-3.6.1p2-33.30.12.i386.rpm

ia64:
21a62ef6fbf25b1c3551e1d23e7188b4 openssh-3.6.1p2-33.30.12.ia64.rpm
fbb11f16c2c5ee21b1e3aaec515945e7 openssh-askpass-3.6.1p2-33.30.12.ia64.rpm
5da88d2d69c64665788e60b126824bc1 openssh-askpass-gnome-3.6.1p2-33.30.12.ia64.rpm
00120331cca393960c1ed8f6be8ce739 openssh-clients-3.6.1p2-33.30.12.ia64.rpm
4164f9030d6482bc689f705318869d98 openssh-debuginfo-3.6.1p2-33.30.12.ia64.rpm
cab6a4b4ce35eadb874c1d33930140d0 openssh-server-3.6.1p2-33.30.12.ia64.rpm

ppc:
ebf2a7d406a84c0e70cb6216da216c32 openssh-3.6.1p2-33.30.12.ppc.rpm
d870455bea7f5dc7811cb2e94653ddda openssh-askpass-3.6.1p2-33.30.12.ppc.rpm
1f3cc9855ed90aa1cbe3e513c509894f openssh-askpass-gnome-3.6.1p2-33.30.12.ppc.rpm
4ea6ff849faf590001a46bc5d8c3b0e0 openssh-clients-3.6.1p2-33.30.12.ppc.rpm
a8c6156346323142c2e3e4f9f929d578 openssh-debuginfo-3.6.1p2-33.30.12.ppc.rpm
d3c45cba4d701c389c82d7cbd9026fce openssh-server-3.6.1p2-33.30.12.ppc.rpm

s390:
ca9e19608f0c79d94c2cd82699daa287 openssh-3.6.1p2-33.30.12.s390.rpm
c83593e17d6991a8101a3982fa9df5b3 openssh-askpass-3.6.1p2-33.30.12.s390.rpm
a9efc41ec6458f035c579015ba7f3b98 openssh-askpass-gnome-3.6.1p2-33.30.12.s390.rpm
c5e8a4392e3f6be26c3cb61ca37ba3d5 openssh-clients-3.6.1p2-33.30.12.s390.rpm
9025f21c0f94247bbd6ed8603b19dc19 openssh-debuginfo-3.6.1p2-33.30.12.s390.rpm
b7d0f364841078bfe5cad8750ea638fa openssh-server-3.6.1p2-33.30.12.s390.rpm

s390x:
9d27c6f7bae2d4948a67a6ff6229b7c6 openssh-3.6.1p2-33.30.12.s390x.rpm
8261d07efa8d0647941cae4998f08f60 openssh-askpass-3.6.1p2-33.30.12.s390x.rpm
8926f0ebdbfe041f4921a793195e6814 openssh-askpass-gnome-3.6.1p2-33.30.12.s390x.rpm
d41e4131ee0e545215d76d9a2adeb09b openssh-clients-3.6.1p2-33.30.12.s390x.rpm
b8f6849c703be8c6fdb88b1b91fefd71 openssh-debuginfo-3.6.1p2-33.30.12.s390x.rpm
63f58387200cc0c682a4ea41ffc86bfe openssh-server-3.6.1p2-33.30.12.s390x.rpm

x86_64:
0dfabce4750cd29cf5983c1046abbdf2 openssh-3.6.1p2-33.30.12.x86_64.rpm
7ddc9d3c1aaa497e6e9f2ccfeef9ae63 openssh-askpass-3.6.1p2-33.30.12.x86_64.rpm
04689df5f2a4df0a6b7cf1358ad456cf openssh-askpass-gnome-3.6.1p2-33.30.12.x86_64.rpm
e662e6944cc24c928bae0a51850c5776 openssh-clients-3.6.1p2-33.30.12.x86_64.rpm
e37b56a43ee135c9847f6b0dae297acc openssh-debuginfo-3.6.1p2-33.30.12.x86_64.rpm
d4f75e6464c79333b96af81171803580 openssh-server-3.6.1p2-33.30.12.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/openssh-3.6.1p2-33.30.12.src.rpm
8210acf1f435ab2035f18be8454293d4 openssh-3.6.1p2-33.30.12.src.rpm

i386:
89c6a0c942de0f4ad04f9bb025b8b92f openssh-3.6.1p2-33.30.12.i386.rpm
cfea382c2e368089b0b7ddd734d1b196 openssh-askpass-3.6.1p2-33.30.12.i386.rpm
48e8e543f87823d973b5e6b41b206eda openssh-askpass-gnome-3.6.1p2-33.30.12.i386.rpm
dfd7de84def7466a23f42d7773b7de86 openssh-clients-3.6.1p2-33.30.12.i386.rpm
bc0bad54903c78c47a4433a6b60e4a5c openssh-debuginfo-3.6.1p2-33.30.12.i386.rpm
3ac78136d49fa7a02673f4edc035ffe7 openssh-server-3.6.1p2-33.30.12.i386.rpm

x86_64:
0dfabce4750cd29cf5983c1046abbdf2 openssh-3.6.1p2-33.30.12.x86_64.rpm
7ddc9d3c1aaa497e6e9f2ccfeef9ae63 openssh-askpass-3.6.1p2-33.30.12.x86_64.rpm
04689df5f2a4df0a6b7cf1358ad456cf openssh-askpass-gnome-3.6.1p2-33.30.12.x86_64.rpm
e662e6944cc24c928bae0a51850c5776 openssh-clients-3.6.1p2-33.30.12.x86_64.rpm
e37b56a43ee135c9847f6b0dae297acc openssh-debuginfo-3.6.1p2-33.30.12.x86_64.rpm
d4f75e6464c79333b96af81171803580 openssh-server-3.6.1p2-33.30.12.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/openssh-3.6.1p2-33.30.12.src.rpm
8210acf1f435ab2035f18be8454293d4 openssh-3.6.1p2-33.30.12.src.rpm

i386:
89c6a0c942de0f4ad04f9bb025b8b92f openssh-3.6.1p2-33.30.12.i386.rpm
cfea382c2e368089b0b7ddd734d1b196 openssh-askpass-3.6.1p2-33.30.12.i386.rpm
48e8e543f87823d973b5e6b41b206eda openssh-askpass-gnome-3.6.1p2-33.30.12.i386.rpm
dfd7de84def7466a23f42d7773b7de86 openssh-clients-3.6.1p2-33.30.12.i386.rpm
bc0bad54903c78c47a4433a6b60e4a5c openssh-debuginfo-3.6.1p2-33.30.12.i386.rpm
3ac78136d49fa7a02673f4edc035ffe7 openssh-server-3.6.1p2-33.30.12.i386.rpm

ia64:
21a62ef6fbf25b1c3551e1d23e7188b4 openssh-3.6.1p2-33.30.12.ia64.rpm
fbb11f16c2c5ee21b1e3aaec515945e7 openssh-askpass-3.6.1p2-33.30.12.ia64.rpm
5da88d2d69c64665788e60b126824bc1 openssh-askpass-gnome-3.6.1p2-33.30.12.ia64.rpm
00120331cca393960c1ed8f6be8ce739 openssh-clients-3.6.1p2-33.30.12.ia64.rpm
4164f9030d6482bc689f705318869d98 openssh-debuginfo-3.6.1p2-33.30.12.ia64.rpm
cab6a4b4ce35eadb874c1d33930140d0 openssh-server-3.6.1p2-33.30.12.ia64.rpm

x86_64:
0dfabce4750cd29cf5983c1046abbdf2 openssh-3.6.1p2-33.30.12.x86_64.rpm
7ddc9d3c1aaa497e6e9f2ccfeef9ae63 openssh-askpass-3.6.1p2-33.30.12.x86_64.rpm
04689df5f2a4df0a6b7cf1358ad456cf openssh-askpass-gnome-3.6.1p2-33.30.12.x86_64.rpm
e662e6944cc24c928bae0a51850c5776 openssh-clients-3.6.1p2-33.30.12.x86_64.rpm
e37b56a43ee135c9847f6b0dae297acc openssh-debuginfo-3.6.1p2-33.30.12.x86_64.rpm
d4f75e6464c79333b96af81171803580 openssh-server-3.6.1p2-33.30.12.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/openssh-3.6.1p2-33.30.12.src.rpm
8210acf1f435ab2035f18be8454293d4 openssh-3.6.1p2-33.30.12.src.rpm

i386:
89c6a0c942de0f4ad04f9bb025b8b92f openssh-3.6.1p2-33.30.12.i386.rpm
cfea382c2e368089b0b7ddd734d1b196 openssh-askpass-3.6.1p2-33.30.12.i386.rpm
48e8e543f87823d973b5e6b41b206eda openssh-askpass-gnome-3.6.1p2-33.30.12.i386.rpm
dfd7de84def7466a23f42d7773b7de86 openssh-clients-3.6.1p2-33.30.12.i386.rpm
bc0bad54903c78c47a4433a6b60e4a5c openssh-debuginfo-3.6.1p2-33.30.12.i386.rpm
3ac78136d49fa7a02673f4edc035ffe7 openssh-server-3.6.1p2-33.30.12.i386.rpm

ia64:
21a62ef6fbf25b1c3551e1d23e7188b4 openssh-3.6.1p2-33.30.12.ia64.rpm
fbb11f16c2c5ee21b1e3aaec515945e7 openssh-askpass-3.6.1p2-33.30.12.ia64.rpm
5da88d2d69c64665788e60b126824bc1 openssh-askpass-gnome-3.6.1p2-33.30.12.ia64.rpm
00120331cca393960c1ed8f6be8ce739 openssh-clients-3.6.1p2-33.30.12.ia64.rpm
4164f9030d6482bc689f705318869d98 openssh-debuginfo-3.6.1p2-33.30.12.ia64.rpm
cab6a4b4ce35eadb874c1d33930140d0 openssh-server-3.6.1p2-33.30.12.ia64.rpm

x86_64:
0dfabce4750cd29cf5983c1046abbdf2 openssh-3.6.1p2-33.30.12.x86_64.rpm
7ddc9d3c1aaa497e6e9f2ccfeef9ae63 openssh-askpass-3.6.1p2-33.30.12.x86_64.rpm
04689df5f2a4df0a6b7cf1358ad456cf openssh-askpass-gnome-3.6.1p2-33.30.12.x86_64.rpm
e662e6944cc24c928bae0a51850c5776 openssh-clients-3.6.1p2-33.30.12.x86_64.rpm
e37b56a43ee135c9847f6b0dae297acc openssh-debuginfo-3.6.1p2-33.30.12.x86_64.rpm
d4f75e6464c79333b96af81171803580 openssh-server-3.6.1p2-33.30.12.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/openssh-3.9p1-8.RHEL4.17.src.rpm
51be48086e7c82696796fbf56aa8c71a openssh-3.9p1-8.RHEL4.17.src.rpm

i386:
c3cfd9ebdd59ec90049c011d957ae2f2 openssh-3.9p1-8.RHEL4.17.i386.rpm
b77a94f1ae3fc9e8e3f0ac26614bd2ae openssh-askpass-3.9p1-8.RHEL4.17.i386.rpm
d7d1ae6eea1617248a1dd94d5aebfc56 openssh-askpass-gnome-3.9p1-8.RHEL4.17.i386.rpm
88055f8b632235cb4f6c041c77426bb7 openssh-clients-3.9p1-8.RHEL4.17.i386.rpm
a2e9e76ff1b7be50890a00f0164d4d13 openssh-debuginfo-3.9p1-8.RHEL4.17.i386.rpm
20e5ab164e2064fef4ee808eeca16e09 openssh-server-3.9p1-8.RHEL4.17.i386.rpm

ia64:
45422334f78e143b6b2e4594eecdc4a2 openssh-3.9p1-8.RHEL4.17.ia64.rpm
97de282c9b352e9c7a939e9797a790c9 openssh-askpass-3.9p1-8.RHEL4.17.ia64.rpm
970aae2acb04f46f50d91a525c2c727e openssh-askpass-gnome-3.9p1-8.RHEL4.17.ia64.rpm
65265a283172a054b6c66e7e8303dbde openssh-clients-3.9p1-8.RHEL4.17.ia64.rpm
3a1f117ab1269433208906ffd21c27d2 openssh-debuginfo-3.9p1-8.RHEL4.17.ia64.rpm
3af550bd7f29dc20a66bf6073f78e838 openssh-server-3.9p1-8.RHEL4.17.ia64.rpm

ppc:
b56f299da59de3d32569f19af8c4aa30 openssh-3.9p1-8.RHEL4.17.ppc.rpm
1584315bc0bc7549c8cc9875c116a33e openssh-askpass-3.9p1-8.RHEL4.17.ppc.rpm
6bc2ce2eb1990f3c26cabc5e29b20692 openssh-askpass-gnome-3.9p1-8.RHEL4.17.ppc.rpm
7b4847ee68bb6490b016597f94ba3a55 openssh-clients-3.9p1-8.RHEL4.17.ppc.rpm
d004d8c0b116140da77f495bacdfdd73 openssh-debuginfo-3.9p1-8.RHEL4.17.ppc.rpm
77e9a0c82dbd22c5f926e24a0bab20cb openssh-server-3.9p1-8.RHEL4.17.ppc.rpm

s390:
22fcb9d4f74ea6d454f939b6e1dead06 openssh-3.9p1-8.RHEL4.17.s390.rpm
6a5fdd69ec65e44f7ba8abae8da59a11 openssh-askpass-3.9p1-8.RHEL4.17.s390.rpm
7c3e5d5d17e75b61b5d74aea581041f3 openssh-askpass-gnome-3.9p1-8.RHEL4.17.s390.rpm
988c522bf640fb52fc39a3905bc054f4 openssh-clients-3.9p1-8.RHEL4.17.s390.rpm
c6452af2e33ff0cb6a370d80ec8fff56 openssh-debuginfo-3.9p1-8.RHEL4.17.s390.rpm
fa05b3c293f1712f53f193f67fa4dd80 openssh-server-3.9p1-8.RHEL4.17.s390.rpm

s390x:
546fc534b924a611a6a257b64ed7867d openssh-3.9p1-8.RHEL4.17.s390x.rpm
6ee531e6723591741e1ea801d90b4447 openssh-askpass-3.9p1-8.RHEL4.17.s390x.rpm
f3d1dee6e7cd55dfa3c557a99d2430b6 openssh-askpass-gnome-3.9p1-8.RHEL4.17.s390x.rpm
2e42bb134cbe5ebdb25cf4fc606165fa openssh-clients-3.9p1-8.RHEL4.17.s390x.rpm
4b46ceca4636e380c552e836b7f2ca5d openssh-debuginfo-3.9p1-8.RHEL4.17.s390x.rpm
94e50b5516ba1f08bc689981f4044b5d openssh-server-3.9p1-8.RHEL4.17.s390x.rpm

x86_64:
300fd86cea1f8687f1f48d202e850cb5 openssh-3.9p1-8.RHEL4.17.x86_64.rpm
025cfa10b241256c250c2a7bfac3bde3 openssh-askpass-3.9p1-8.RHEL4.17.x86_64.rpm
7abd38612b83c438dfc680a5e7c1b5fe openssh-askpass-gnome-3.9p1-8.RHEL4.17.x86_64.rpm
fd7e4e3239444a616ff2d367a691a9a9 openssh-clients-3.9p1-8.RHEL4.17.x86_64.rpm
5dd99e55283d986fbbaca82c37d391ed openssh-debuginfo-3.9p1-8.RHEL4.17.x86_64.rpm
24a2f23edd250635204f8ad486ca6920 openssh-server-3.9p1-8.RHEL4.17.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/openssh-3.9p1-8.RHEL4.17.src.rpm
51be48086e7c82696796fbf56aa8c71a openssh-3.9p1-8.RHEL4.17.src.rpm

i386:
c3cfd9ebdd59ec90049c011d957ae2f2 openssh-3.9p1-8.RHEL4.17.i386.rpm
b77a94f1ae3fc9e8e3f0ac26614bd2ae openssh-askpass-3.9p1-8.RHEL4.17.i386.rpm
d7d1ae6eea1617248a1dd94d5aebfc56 openssh-askpass-gnome-3.9p1-8.RHEL4.17.i386.rpm
88055f8b632235cb4f6c041c77426bb7 openssh-clients-3.9p1-8.RHEL4.17.i386.rpm
a2e9e76ff1b7be50890a00f0164d4d13 openssh-debuginfo-3.9p1-8.RHEL4.17.i386.rpm
20e5ab164e2064fef4ee808eeca16e09 openssh-server-3.9p1-8.RHEL4.17.i386.rpm

x86_64:
300fd86cea1f8687f1f48d202e850cb5 openssh-3.9p1-8.RHEL4.17.x86_64.rpm
025cfa10b241256c250c2a7bfac3bde3 openssh-askpass-3.9p1-8.RHEL4.17.x86_64.rpm
7abd38612b83c438dfc680a5e7c1b5fe openssh-askpass-gnome-3.9p1-8.RHEL4.17.x86_64.rpm
fd7e4e3239444a616ff2d367a691a9a9 openssh-clients-3.9p1-8.RHEL4.17.x86_64.rpm
5dd99e55283d986fbbaca82c37d391ed openssh-debuginfo-3.9p1-8.RHEL4.17.x86_64.rpm
24a2f23edd250635204f8ad486ca6920 openssh-server-3.9p1-8.RHEL4.17.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/openssh-3.9p1-8.RHEL4.17.src.rpm
51be48086e7c82696796fbf56aa8c71a openssh-3.9p1-8.RHEL4.17.src.rpm

i386:
c3cfd9ebdd59ec90049c011d957ae2f2 openssh-3.9p1-8.RHEL4.17.i386.rpm
b77a94f1ae3fc9e8e3f0ac26614bd2ae openssh-askpass-3.9p1-8.RHEL4.17.i386.rpm
d7d1ae6eea1617248a1dd94d5aebfc56 openssh-askpass-gnome-3.9p1-8.RHEL4.17.i386.rpm
88055f8b632235cb4f6c041c77426bb7 openssh-clients-3.9p1-8.RHEL4.17.i386.rpm
a2e9e76ff1b7be50890a00f0164d4d13 openssh-debuginfo-3.9p1-8.RHEL4.17.i386.rpm
20e5ab164e2064fef4ee808eeca16e09 openssh-server-3.9p1-8.RHEL4.17.i386.rpm

ia64:
45422334f78e143b6b2e4594eecdc4a2 openssh-3.9p1-8.RHEL4.17.ia64.rpm
97de282c9b352e9c7a939e9797a790c9 openssh-askpass-3.9p1-8.RHEL4.17.ia64.rpm
970aae2acb04f46f50d91a525c2c727e openssh-askpass-gnome-3.9p1-8.RHEL4.17.ia64.rpm
65265a283172a054b6c66e7e8303dbde openssh-clients-3.9p1-8.RHEL4.17.ia64.rpm
3a1f117ab1269433208906ffd21c27d2 openssh-debuginfo-3.9p1-8.RHEL4.17.ia64.rpm
3af550bd7f29dc20a66bf6073f78e838 openssh-server-3.9p1-8.RHEL4.17.ia64.rpm

x86_64:
300fd86cea1f8687f1f48d202e850cb5 openssh-3.9p1-8.RHEL4.17.x86_64.rpm
025cfa10b241256c250c2a7bfac3bde3 openssh-askpass-3.9p1-8.RHEL4.17.x86_64.rpm
7abd38612b83c438dfc680a5e7c1b5fe openssh-askpass-gnome-3.9p1-8.RHEL4.17.x86_64.rpm
fd7e4e3239444a616ff2d367a691a9a9 openssh-clients-3.9p1-8.RHEL4.17.x86_64.rpm
5dd99e55283d986fbbaca82c37d391ed openssh-debuginfo-3.9p1-8.RHEL4.17.x86_64.rpm
24a2f23edd250635204f8ad486ca6920 openssh-server-3.9p1-8.RHEL4.17.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/openssh-3.9p1-8.RHEL4.17.src.rpm
51be48086e7c82696796fbf56aa8c71a openssh-3.9p1-8.RHEL4.17.src.rpm

i386:
c3cfd9ebdd59ec90049c011d957ae2f2 openssh-3.9p1-8.RHEL4.17.i386.rpm
b77a94f1ae3fc9e8e3f0ac26614bd2ae openssh-askpass-3.9p1-8.RHEL4.17.i386.rpm
d7d1ae6eea1617248a1dd94d5aebfc56 openssh-askpass-gnome-3.9p1-8.RHEL4.17.i386.rpm
88055f8b632235cb4f6c041c77426bb7 openssh-clients-3.9p1-8.RHEL4.17.i386.rpm
a2e9e76ff1b7be50890a00f0164d4d13 openssh-debuginfo-3.9p1-8.RHEL4.17.i386.rpm
20e5ab164e2064fef4ee808eeca16e09 openssh-server-3.9p1-8.RHEL4.17.i386.rpm

ia64:
45422334f78e143b6b2e4594eecdc4a2 openssh-3.9p1-8.RHEL4.17.ia64.rpm
97de282c9b352e9c7a939e9797a790c9 openssh-askpass-3.9p1-8.RHEL4.17.ia64.rpm
970aae2acb04f46f50d91a525c2c727e openssh-askpass-gnome-3.9p1-8.RHEL4.17.ia64.rpm
65265a283172a054b6c66e7e8303dbde openssh-clients-3.9p1-8.RHEL4.17.ia64.rpm
3a1f117ab1269433208906ffd21c27d2 openssh-debuginfo-3.9p1-8.RHEL4.17.ia64.rpm
3af550bd7f29dc20a66bf6073f78e838 openssh-server-3.9p1-8.RHEL4.17.ia64.rpm

x86_64:
300fd86cea1f8687f1f48d202e850cb5 openssh-3.9p1-8.RHEL4.17.x86_64.rpm
025cfa10b241256c250c2a7bfac3bde3 openssh-askpass-3.9p1-8.RHEL4.17.x86_64.rpm
7abd38612b83c438dfc680a5e7c1b5fe openssh-askpass-gnome-3.9p1-8.RHEL4.17.x86_64.rpm
fd7e4e3239444a616ff2d367a691a9a9 openssh-clients-3.9p1-8.RHEL4.17.x86_64.rpm
5dd99e55283d986fbbaca82c37d391ed openssh-debuginfo-3.9p1-8.RHEL4.17.x86_64.rpm
24a2f23edd250635204f8ad486ca6920 openssh-server-3.9p1-8.RHEL4.17.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4924
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is lt;secalert@redhat.comgt;. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2006 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFFHGiwXlSAg2UNWIIRAtnQAKCg+o2DzpMsDQMswq8m612in/4wOwCgtd89
CjWgYHkVCQKSKSlYwcZ4E9U=
=0y2A
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_20060697_01_important_openssh_security_update.html)