Synopsis: Low: openssh security, bug fix, and enhancement update Advisory ID: SLSA-2018:0980-1 Issue Date: 2018-04-10 CVE Numbers: CVE-2017-15906 -- Security Fix(es): * openssh: Improper write operations in readonly mode allow for zero- length file creation (CVE-2017-15906) Additional Changes: -- SL7 x86_64 openssh-7.4p1-16.el7.x86_64.rpm openssh-askpass-7.4p1-16.el7.x86_64.rpm openssh-clients-7.4p1-16.el7.x86_64.rpm openssh-debuginfo-7.4p1-16.el7.x86_64.rpm openssh-keycat-7.4p1-16.el7.x86_64.rpm openssh-server-7.4p1-16.el7.x86_64.rpm openssh-cavs-7.4p1-16.el7.x86_64.rpm openssh-debuginfo-7.4p1-16.el7.i686.rpm openssh-ldap-7.4p1-16.el7.x86_64.rpm openssh-server-sysvinit-7.4p1-16.el7.x86_64.rpm pam_ssh_agent_auth-0.10.3-2.16.el7.i686.rpm pam_ssh_agent_auth-0.10.3-2.16.el7.x86_64.rpm - Scientific Linux Development Team