Subject: | |
From: | |
Reply To: | |
Date: | Tue, 3 Dec 2013 20:07:08 +0000 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Low: openssh security, bug fix, and enhancement update
Advisory ID: SLSA-2013:1591-2
Issue Date: 2013-11-21
CVE Numbers: CVE-2010-5107
--
The default OpenSSH configuration made it easy for remote attackers to
exhaust unauthorized connection slots and prevent other users from being
able to log in to a system. This flaw has been addressed by enabling
random early connection drops by setting MaxStartups to 10:30:100 by
default. For more information, refer to the sshd_config(5) man page.
(CVE-2010-5107)
--
SL6
x86_64
openssh-5.3p1-94.el6.x86_64.rpm
openssh-askpass-5.3p1-94.el6.x86_64.rpm
openssh-clients-5.3p1-94.el6.x86_64.rpm
openssh-debuginfo-5.3p1-94.el6.x86_64.rpm
openssh-server-5.3p1-94.el6.x86_64.rpm
openssh-debuginfo-5.3p1-94.el6.i686.rpm
openssh-ldap-5.3p1-94.el6.x86_64.rpm
pam_ssh_agent_auth-0.9.3-94.el6.i686.rpm
pam_ssh_agent_auth-0.9.3-94.el6.x86_64.rpm
i386
openssh-5.3p1-94.el6.i686.rpm
openssh-askpass-5.3p1-94.el6.i686.rpm
openssh-clients-5.3p1-94.el6.i686.rpm
openssh-debuginfo-5.3p1-94.el6.i686.rpm
openssh-server-5.3p1-94.el6.i686.rpm
openssh-ldap-5.3p1-94.el6.i686.rpm
pam_ssh_agent_auth-0.9.3-94.el6.i686.rpm
The following RPMs were added for dependency resolution:
x86_64
openssl-1.0.1e-15.el6.i686.rpm
openssl-1.0.1e-15.el6.x86_64.rpm
openssl-devel-1.0.1e-15.el6.i686.rpm
openssl-devel-1.0.1e-15.el6.x86_64.rpm
openssl-perl-1.0.1e-15.el6.x86_64.rpm
openssl-static-1.0.1e-15.el6.x86_64.rpm
i386
openssl-1.0.1e-15.el6.i686.rpm
openssl-devel-1.0.1e-15.el6.i686.rpm
openssl-perl-1.0.1e-15.el6.i686.rpm
openssl-static-1.0.1e-15.el6.i686.rpm
- Scientific Linux Development Team
|
|
|