[FLSA-2006:168935] Updated openssh packages fix security issues

To: bugtraq@xxxxxxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [FLSA-2006:168935] Updated openssh packages fix security issues
From: Marc Deslauriers <marcdeslauriers@xxxxxxxxxxxx>
Date: Sat, 18 Feb 2006 14:20:20 -0500
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: Mozilla Thunderbird 1.0.7-1.1.fc4 (X11/20050929)
---------------------------------------------------------------------
               Fedora Legacy Update Advisory

Synopsis:          Updated openssh packages fix security issues
Advisory ID:       FLSA:168935
Issue date:        2006-02-18
Product:           Red Hat Linux, Fedora Core
Keywords:          Bugfix
CVE Names:         CVE-2004-2069 CVE-2006-0225
---------------------------------------------------------------------


---------------------------------------------------------------------
1. Topic:

Updated openssh packages that fix security issues are now available.

OpenSSH is OpenBSD's SSH (Secure SHell) protocol implementation. SSH
replaces rlogin and rsh, and provides secure encrypted communications
between two untrusted hosts over an insecure network. X11 connections
and arbitrary TCP/IP ports can also be forwarded over a secure channel.
Public key authentication can be used for "passwordless" access to
servers.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386
Fedora Core 2 - i386
Fedora Core 3 - i386, x86_64

3. Problem description:

A bug was found in the way the OpenSSH server handled the MaxStartups
and LoginGraceTime configuration variables. A malicious user could
connect to the SSH daemon in such a way that it would prevent additional
logins from occuring until the malicious connections are closed. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2004-2069 to this issue.

The scp command was found to expose filenames twice to shell expansion.
A malicious user could execute arbitrary commands by using specially
crafted filenames containing shell metacharacters or spaces. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CVE-2006-0225 to this issue.

Users of openssh should upgrade to these updated packages, which contain
backported patches to resolve these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which
are not installed but included in the list will not be updated.  Note
that you can also use wildcards (*.rpm) if your current directory *only*
contains the desired RPMs.

Please note that this update is also available via yum and apt.  Many
people find this an easier way to apply updates.  To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.  This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/docs for directions on how to
configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=168935

6. RPMs required:

Red Hat Linux 7.3:
SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/openssh-3.1p1-14.3.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-3.1p1-14.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-askpass-3.1p1-14.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-askpass-gnome-3.1p1-14.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-clients-3.1p1-14.3.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/7.3/updates/i386/openssh-server-3.1p1-14.3.legacy.i386.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/openssh-3.5p1-11.4.legacy.src.rpm

i386:
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-3.5p1-11.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-askpass-3.5p1-11.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-askpass-gnome-3.5p1-11.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-clients-3.5p1-11.4.legacy.i386.rpm
http://download.fedoralegacy.org/redhat/9/updates/i386/openssh-server-3.5p1-11.4.legacy.i386.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/openssh-3.6.1p2-19.4.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-3.6.1p2-19.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-askpass-3.6.1p2-19.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-askpass-gnome-3.6.1p2-19.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-clients-3.6.1p2-19.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/1/updates/i386/openssh-server-3.6.1p2-19.4.legacy.i386.rpm

Fedora Core 2:

SRPM:
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/openssh-3.6.1p2-34.4.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-3.6.1p2-34.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-askpass-3.6.1p2-34.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-askpass-gnome-3.6.1p2-34.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-clients-3.6.1p2-34.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/2/updates/i386/openssh-server-3.6.1p2-34.4.legacy.i386.rpm

Fedora Core 3:

SRPM:
http://download.fedoralegacy.org/fedora/3/updates/SRPMS/openssh-3.9p1-8.0.4.legacy.src.rpm

i386:
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-3.9p1-8.0.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-askpass-3.9p1-8.0.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-askpass-gnome-3.9p1-8.0.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-clients-3.9p1-8.0.4.legacy.i386.rpm
http://download.fedoralegacy.org/fedora/3/updates/i386/openssh-server-3.9p1-8.0.4.legacy.i386.rpm

x86_64:
http://download.fedoralegacy.org/fedora/3/updates/x86_64/openssh-3.9p1-8.0.4.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/openssh-askpass-3.9p1-8.0.4.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/openssh-askpass-gnome-3.9p1-8.0.4.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/openssh-clients-3.9p1-8.0.4.legacy.x86_64.rpm
http://download.fedoralegacy.org/fedora/3/updates/x86_64/openssh-server-3.9p1-8.0.4.legacy.x86_64.rpm


7. Verification:

SHA1 sum                                 Package Name
---------------------------------------------------------------------

5c732eac2396d1dbc767c6706b936177b04e3ba9
redhat/7.3/updates/i386/openssh-3.1p1-14.3.legacy.i386.rpm
ac522209cbabd3638e8ca2b08bdf5453c1d9a8d4
redhat/7.3/updates/i386/openssh-askpass-3.1p1-14.3.legacy.i386.rpm
a79e45b1fd78f517a2dfb846e1814aeff35ab86d
redhat/7.3/updates/i386/openssh-askpass-gnome-3.1p1-14.3.legacy.i386.rpm
daa5d5518e33835ef47f41f3bb379d9659e2bc3f
redhat/7.3/updates/i386/openssh-clients-3.1p1-14.3.legacy.i386.rpm
28d3e3a66e6c786db875c5ea8d629b6abcc7fe5b
redhat/7.3/updates/i386/openssh-server-3.1p1-14.3.legacy.i386.rpm
d838db35baa90040dec9df7459af4682f8976b7a
redhat/7.3/updates/SRPMS/openssh-3.1p1-14.3.legacy.src.rpm
2e4da4da715512dccb420fc67f3bb24dae2d9a40
redhat/9/updates/i386/openssh-3.5p1-11.4.legacy.i386.rpm
af36bd2aa23d16986072cf15c6906add540f8b8a
redhat/9/updates/i386/openssh-askpass-3.5p1-11.4.legacy.i386.rpm
0cc2cf34bde4b876944c8f19c1cd58d9f4503757
redhat/9/updates/i386/openssh-askpass-gnome-3.5p1-11.4.legacy.i386.rpm
f0e967606a821ec50f6d0af708935a9f04b52d11
redhat/9/updates/i386/openssh-clients-3.5p1-11.4.legacy.i386.rpm
d49d40f814c95319dff11a49f8bb66dcdd3f808c
redhat/9/updates/i386/openssh-server-3.5p1-11.4.legacy.i386.rpm
38544ce3e39dbebcb15ce213f4aff9bf3edb93a7
redhat/9/updates/SRPMS/openssh-3.5p1-11.4.legacy.src.rpm
c962909e215becff41ab14353a0b1ef3f5a499fd
fedora/1/updates/i386/openssh-3.6.1p2-19.4.legacy.i386.rpm
61ca655031b498ba8c66a97f0792c4f9dbd0f795
fedora/1/updates/i386/openssh-askpass-3.6.1p2-19.4.legacy.i386.rpm
0201fe8254733f85cde19e17911015c38ae6f8fa
fedora/1/updates/i386/openssh-askpass-gnome-3.6.1p2-19.4.legacy.i386.rpm
3818241e59db35fe61773f7e59d9d83fafd4b16a
fedora/1/updates/i386/openssh-clients-3.6.1p2-19.4.legacy.i386.rpm
202bec4605eaf6054433a170a6432a3d449862cb
fedora/1/updates/i386/openssh-server-3.6.1p2-19.4.legacy.i386.rpm
e5b385dbba09ec63225c2eb25e22827d0e6fd789
fedora/1/updates/SRPMS/openssh-3.6.1p2-19.4.legacy.src.rpm
ca85182633a97ce1bb8c3bcb683d44242881703f
fedora/2/updates/i386/openssh-3.6.1p2-34.4.legacy.i386.rpm
f49c8368fe790df101b671a368f0ff47fdc0fad3
fedora/2/updates/i386/openssh-askpass-3.6.1p2-34.4.legacy.i386.rpm
281fe61d517ebff0a297cd4c6342c398debcd33f
fedora/2/updates/i386/openssh-askpass-gnome-3.6.1p2-34.4.legacy.i386.rpm
d25c9ca4c55732cc3368587cfd6b4b7629c52ee8
fedora/2/updates/i386/openssh-clients-3.6.1p2-34.4.legacy.i386.rpm
ec570330a25c600803dd2f88ff140726a66d3c7e
fedora/2/updates/i386/openssh-server-3.6.1p2-34.4.legacy.i386.rpm
4bf28b7a7d7a9fad922b6a1e96a0433320cab26e
fedora/2/updates/SRPMS/openssh-3.6.1p2-34.4.legacy.src.rpm
75001fc461867ff3b5f608423de99b5c0d9705e6
fedora/3/updates/i386/openssh-3.9p1-8.0.4.legacy.i386.rpm
e4a4bfc7866e2ace0c9b0a0a3b4598e9594fd6ae
fedora/3/updates/i386/openssh-askpass-3.9p1-8.0.4.legacy.i386.rpm
4df1fe9ad8bfcdee35dcddbc9fb124e513718275
fedora/3/updates/i386/openssh-askpass-gnome-3.9p1-8.0.4.legacy.i386.rpm
f53b372fcab1724ac8a073aebc9b04718439c894
fedora/3/updates/i386/openssh-clients-3.9p1-8.0.4.legacy.i386.rpm
8b800276ec20d03452cf1e39883315baa9c7a7df
fedora/3/updates/i386/openssh-server-3.9p1-8.0.4.legacy.i386.rpm
61a70c9f0cf6c152fb7f48c5857b5e002dc0527a
fedora/3/updates/x86_64/openssh-3.9p1-8.0.4.legacy.x86_64.rpm
b8e38615db4f431c1e87204a0ecaefbabde2479b
fedora/3/updates/x86_64/openssh-askpass-3.9p1-8.0.4.legacy.x86_64.rpm
5cd606345fb8b3ba1f7c1d6f005d18c50d0886bd
fedora/3/updates/x86_64/openssh-askpass-gnome-3.9p1-8.0.4.legacy.x86_64.rpm
db5f2a76871dc0e6987702a492ad84252a5211c4
fedora/3/updates/x86_64/openssh-clients-3.9p1-8.0.4.legacy.x86_64.rpm
18f578efebdc634ee6ab363064f9ac8d81fa5cf0
fedora/3/updates/x86_64/openssh-server-3.9p1-8.0.4.legacy.x86_64.rpm
8dc6ca866a0a5d0e2c01f4b898bbaa798399fa40
fedora/3/updates/SRPMS/openssh-3.9p1-8.0.4.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security.  Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

    rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

    sha1sum <filename>

8. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2069
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225

9. Contact:

The Fedora Legacy security contact is <secnotice@xxxxxxxxxxxxxxxx>. More
project details at http://www.fedoralegacy.org

---------------------------------------------------------------------
Attachment: signature.asc
Description: OpenPGP digital signature
Prev by Date: [ GLSA 200602-10 ] GnuPG: Incorrect signature verification
Next by Date: [FLSA-2006:152809] Updated squid package fixes security issues
Previous by thread: [ GLSA 200602-10 ] GnuPG: Incorrect signature verification
Next by thread: [FLSA-2006:152809] Updated squid package fixes security issues
Index(es):
- Date
- Thread