Synopsis: Low: openssh security, bug fix, and enhancement update Advisory ID: SLSA-2013:1591-2 Issue Date: 2013-11-21 CVE Numbers: CVE-2010-5107 -- The default OpenSSH configuration made it easy for remote attackers to exhaust unauthorized connection slots and prevent other users from being able to log in to a system. This flaw has been addressed by enabling random early connection drops by setting MaxStartups to 10:30:100 by default. For more information, refer to the sshd_config(5) man page. (CVE-2010-5107) -- SL6 x86_64 openssh-5.3p1-94.el6.x86_64.rpm openssh-askpass-5.3p1-94.el6.x86_64.rpm openssh-clients-5.3p1-94.el6.x86_64.rpm openssh-debuginfo-5.3p1-94.el6.x86_64.rpm openssh-server-5.3p1-94.el6.x86_64.rpm openssh-debuginfo-5.3p1-94.el6.i686.rpm openssh-ldap-5.3p1-94.el6.x86_64.rpm pam_ssh_agent_auth-0.9.3-94.el6.i686.rpm pam_ssh_agent_auth-0.9.3-94.el6.x86_64.rpm i386 openssh-5.3p1-94.el6.i686.rpm openssh-askpass-5.3p1-94.el6.i686.rpm openssh-clients-5.3p1-94.el6.i686.rpm openssh-debuginfo-5.3p1-94.el6.i686.rpm openssh-server-5.3p1-94.el6.i686.rpm openssh-ldap-5.3p1-94.el6.i686.rpm pam_ssh_agent_auth-0.9.3-94.el6.i686.rpm The following RPMs were added for dependency resolution: x86_64 openssl-1.0.1e-15.el6.i686.rpm openssl-1.0.1e-15.el6.x86_64.rpm openssl-devel-1.0.1e-15.el6.i686.rpm openssl-devel-1.0.1e-15.el6.x86_64.rpm openssl-perl-1.0.1e-15.el6.x86_64.rpm openssl-static-1.0.1e-15.el6.x86_64.rpm i386 openssl-1.0.1e-15.el6.i686.rpm openssl-devel-1.0.1e-15.el6.i686.rpm openssl-perl-1.0.1e-15.el6.i686.rpm openssl-static-1.0.1e-15.el6.i686.rpm - Scientific Linux Development Team