AlmaLinux 2324 Published by

An openssh security update has been released for AlmaLinux 9.



ALSA-2023:2645 Moderate: openssh security update


Type:
security

Severity:
moderate

Release date:
2023-05-11

Description
Security Fix(es):
* openssh: the functions order_hostkeyalgs() and list_hostkey_types() leads to double-free vulnerability (CVE-2023-25136)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
RHSA-2023:2645
CVE-2023-25136
ALSA-2023:2645

Updates packages:
pam_ssh_agent_auth-0.10.4-5.29.el9_2.aarch64.rpm
openssh-askpass-8.7p1-29.el9_2.aarch64.rpm
pam_ssh_agent_auth-0.10.4-5.29.el9_2.x86_64.rpm
openssh-askpass-8.7p1-29.el9_2.x86_64.rpm
openssh-askpass-8.7p1-29.el9_2.ppc64le.rpm
pam_ssh_agent_auth-0.10.4-5.29.el9_2.ppc64le.rpm
openssh-keycat-8.7p1-29.el9_2.x86_64.rpm
openssh-8.7p1-29.el9_2.x86_64.rpm
openssh-clients-8.7p1-29.el9_2.x86_64.rpm
openssh-server-8.7p1-29.el9_2.x86_64.rpm
openssh-keycat-8.7p1-29.el9_2.ppc64le.rpm
openssh-clients-8.7p1-29.el9_2.ppc64le.rpm
openssh-server-8.7p1-29.el9_2.ppc64le.rpm
openssh-8.7p1-29.el9_2.ppc64le.rpm
openssh-clients-8.7p1-29.el9_2.aarch64.rpm
openssh-keycat-8.7p1-29.el9_2.aarch64.rpm
openssh-server-8.7p1-29.el9_2.aarch64.rpm
openssh-8.7p1-29.el9_2.aarch64.rpm
pam_ssh_agent_auth-0.10.4-5.29.el9_2.s390x.rpm
openssh-askpass-8.7p1-29.el9_2.s390x.rpm
openssh-8.7p1-29.el9_2.s390x.rpm
openssh-clients-8.7p1-29.el9_2.s390x.rpm
openssh-keycat-8.7p1-29.el9_2.s390x.rpm
openssh-server-8.7p1-29.el9_2.s390x.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:2645 Moderate: openssh security update