Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openssh-clients-8.7p1-44.el9 RPM for x86_64

From CentOS Stream 9 BaseOS for x86_64

Name: openssh-clients Distribution: CentOS
Version: 8.7p1 Vendor: CentOS
Release: 44.el9 Build date: Mon Oct 21 14:29:10 2024
Group: Unspecified Build host: x86-03.stream.rdu2.redhat.com
Size: 2146861 Source RPM: openssh-8.7p1-44.el9.src.rpm
Packager: builder@centos.org
Url: http://www.openssh.com/portable.html
Summary: An open source SSH client applications
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.

Provides

Requires

License

BSD

Changelog

* Mon Oct 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-44
  - Add extra help information on ssh early failure
    Resolves: RHEL-33809
  - Provide details on crypto error instead of "error in libcrypto"
    Resolves: RHEL-52293
  - Allow duplicate Subsystem directive
    Resolves: RHEL-47112
* Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43
  - Possible remote code execution due to a race condition (CVE-2024-6409)
    Resolves: RHEL-45741
* Thu Jul 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-42
  - Possible remote code execution due to a race condition (CVE-2024-6387)
    Resolves: RHEL-45348
* Mon Jun 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-41
  - Fix ssh multiplexing connect timeout processing
    Resolves: RHEL-37748
* Thu May 02 2024 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-40
  - Correctly audit hostname and IP address
    Resolves: RHEL-22316
  - Make default key sizes configurable in sshd-keygen
    Resolves: RHEL-26454
* Wed Apr 24 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-39
  - Use FIPS-compatible API for key derivation
    Resolves: RHEL-32809
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
  - Fix Terrapin attack
    Resolves: CVE-2023-48795
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-37
  - Fix Terrapin attack
    Resolves: CVE-2023-48795
* Wed Dec 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-36
  - Fix Terrapin attack
    Resolves: CVE-2023-48795
  - Relax OpenSSH build-time checks for OpenSSL version
    Related: RHEL-4734
  - Forbid shell metasymbols in username/hostname
    Resolves: CVE-2023-51385
* Mon Oct 23 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-35
  - Relax OpenSSH checks for OpenSSL version
    Resolves: RHEL-4734
  - Limit artificial delays in sshd while login using AD user
    Resolves: RHEL-2469
  - Move users/groups creation logic to sysusers.d fragments
    Resolves: RHEL-5222
* Thu Jul 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-34
  - Avoid remote code execution in ssh-agent PKCS#11 support
    Resolves: CVE-2023-38408
* Tue Jun 13 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-33
  - Allow specifying validity interval in UTC
    Resolves: rhbz#2115043
* Wed May 24 2023 Norbert Pocs <npocs@redhat.com> - 8.7p1-32
  - Fix pkcs11 issue with the recent changes
  - Delete unnecessary log messages from previous compl-dh patch
  - Add ssh_config man page explanation on rhbz#2068423
  - Resolves: rhbz#2207793, rhbz#2209096
* Tue May 16 2023 Norbert Pocs <npocs@redhat.com> - 8.7p1-31
  - Fix minor issues with openssh-8.7p1-evp-fips-compl-dh.patch:
  - Check return values
  - Use EVP API to get the size of DH
  - Add some log debug lines
  - Related: rhbz#2091694
* Thu Apr 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-30
  - Some non-terminating processes were listening on ports.
    Resolves: rhbz#2177768
  - On sshd startup, we check whether signing using the SHA1 for signing is
    available and don't use it when it isn't.
  - On ssh private key conversion we explicitly use SHA2 for testing RSA keys.
  - In sshd, when SHA1 signatures are unavailable, we fallback (fall forward :) )
    to SHA2 on host keys proof confirmation.
  - On a client side we permit SHA2-based proofs from server when requested SHA1
    proof (or didn't specify the hash algorithm that implies SHA1 on the client
    side). It is aligned with already present exception for RSA certificates.
  - We fallback to SHA2 if SHA1 signatures is not available on the client side
    (file sshconnect2.c).
  - We skip dss-related tests (they don't work without SHA1).
    Resolves: rhbz#2070163
  - FIPS compliance efforts for dh, ecdh and signing
    Resolves: rhbz#2091694
* Thu Apr 06 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-29
  - Resolve possible self-DoS with some clients
    Resolves: rhbz#2186473
* Thu Jan 12 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-28
  - Do not try to use SHA1 for host key ownership proof when we don't support it server-side
    Resolves: rhbz#2088750
* Thu Jan 12 2023 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-27
  - Add sk-dummy subpackage for test purposes
    Resolves: rhbz#2092780
* Fri Jan 06 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-26
  - Fix one-byte overflow in SSH banner processing
    Resolves: rhbz#2138345
  - Fix double free() in error path
    Resolves: rhbz#2138347
* Fri Dec 16 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-25
  - Build fix after OpenSSL rebase
    Resolves: rhbz#2153626

Files

/etc/ssh/ssh_config
/etc/ssh/ssh_config.d
/etc/ssh/ssh_config.d/50-redhat.conf
/usr/bin/scp
/usr/bin/sftp
/usr/bin/ssh
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-copy-id
/usr/bin/ssh-keyscan
/usr/lib/.build-id
/usr/lib/.build-id/0e
/usr/lib/.build-id/0e/f75bbe814bf2a6f7cbe1d00f63c64d07267b4d
/usr/lib/.build-id/12
/usr/lib/.build-id/12/d7760a9a934a9623c2a83fd06c9a3e7e81dcbb
/usr/lib/.build-id/15
/usr/lib/.build-id/15/e44a8f84c2395d3473e42b039143556c3c67a6
/usr/lib/.build-id/1f
/usr/lib/.build-id/1f/9d03ae9e3227240bee1ff2c7640aca9aedb913
/usr/lib/.build-id/2a
/usr/lib/.build-id/2a/955a814fdd98b998ca38cfed0e71c2c29377ab
/usr/lib/.build-id/35
/usr/lib/.build-id/35/aa14598c09e40f5ddf95579aa4423ef43ded62
/usr/lib/.build-id/86
/usr/lib/.build-id/86/a09e393cb5fc29b7e34cbfae3ac72adae915df
/usr/lib/.build-id/e4
/usr/lib/.build-id/e4/a1a6697f9194dfae640253675d4b13531b1c32
/usr/lib/systemd/user/ssh-agent.service
/usr/libexec/openssh/ssh-pkcs11-helper
/usr/libexec/openssh/ssh-sk-helper
/usr/share/man/man1/scp.1.gz
/usr/share/man/man1/sftp.1.gz
/usr/share/man/man1/ssh-add.1.gz
/usr/share/man/man1/ssh-agent.1.gz
/usr/share/man/man1/ssh-copy-id.1.gz
/usr/share/man/man1/ssh-keyscan.1.gz
/usr/share/man/man1/ssh.1.gz
/usr/share/man/man5/ssh_config.5.gz
/usr/share/man/man8/ssh-pkcs11-helper.8.gz
/usr/share/man/man8/ssh-sk-helper.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Dec 10 09:06:40 2024