Oracle alert ELSA-2024-4312 (openssh)

From:
               Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com>
To:
               el-errata@oss.oracle.com
Subject:
               [El-errata] ELSA-2024-4312 Important: Oracle Linux 9 openssh security update
Date:
               Fri, 05 Jul 2024 08:22:18 -0700
Message-ID:
               <mailman.39.1720192947.5126.el-errata@oss.oracle.com>
Oracle Linux Security Advisory ELSA-2024-4312

http://linux.oracle.com/errata/ELSA-2024-4312.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
openssh-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-askpass-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-clients-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-keycat-8.7p1-38.0.2.el9_4.1.x86_64.rpm
openssh-server-8.7p1-38.0.2.el9_4.1.x86_64.rpm
pam_ssh_agent_auth-0.10.4-5.38.0.2.el9_4.1.x86_64.rpm

aarch64:
openssh-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-askpass-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-clients-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-keycat-8.7p1-38.0.2.el9_4.1.aarch64.rpm
openssh-server-8.7p1-38.0.2.el9_4.1.aarch64.rpm
pam_ssh_agent_auth-0.10.4-5.38.0.2.el9_4.1.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//openssh-8.7p1-38...

Related CVEs:

CVE-2024-6387

Description of changes:

[8.7p1-38.0.2.1]
- Update upstream references [Orabug: 36564626]

[8.7p1-38.1]
- Possible remote code execution due to a race condition (CVE-2024-6387)
  Resolves: RHEL-45347

_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

From:		Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com>
To:		el-errata@oss.oracle.com
Subject:		[El-errata] ELSA-2024-4312 Important: Oracle Linux 9 openssh security update
Date:		Fri, 05 Jul 2024 08:22:18 -0700
Message-ID:		<mailman.39.1720192947.5126.el-errata@oss.oracle.com>