Package name
openssh
Date
2007-12-04
Advisory ID
MDKSA-2007:236
Affected versions
CS4.0 x86_64 , MNF2.0 i586 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2007.1 x86_64

Problem description

A flaw in OpenSSH prior to 4.7 prevented ssh from properly handling
when an untrusted cookie could not be created and used a trusted X11
cookie instead, which could allow attackers to violate intended policy
and gain privileges by causing an X client to be treated as trusted.

The updated packages have been patched to correct these issue.

Updated packages

CS4.0 x86_64

 64a174d447b1bdd4d208872761c93699  corporate/4.0/x86_64/openssh-4.3p1-0.5.20060mlcs4.x86_64.rpm
 a2e0aaa3f19ff1c4cd60eb532604e135  corporate/4.0/x86_64/openssh-askpass-4.3p1-0.5.20060mlcs4.x86_64.rpm
 395878603e050cc933b1881cc816e6bd  corporate/4.0/x86_64/openssh-askpass-gnome-4.3p1-0.5.20060mlcs4.x86_64.rpm
 b91a4ee6303eb5b2fdccd2dbafbf8489  corporate/4.0/x86_64/openssh-clients-4.3p1-0.5.20060mlcs4.x86_64.rpm
 b9e82cd190d6a267fabdf2811574ee7e  corporate/4.0/x86_64/openssh-server-4.3p1-0.5.20060mlcs4.x86_64.rpm 
 538f84577ba40e5e8694819dac96c9a5  corporate/4.0/SRPMS/openssh-4.3p1-0.5.20060mlcs4.src.rpm

MNF2.0 i586

 71dac329eac3c804698a1baf0717fc9e  mnf/2.0/i586/openssh-4.3p1-0.4.M20mdk.i586.rpm
 3e795210f939969b244221a716ef9c4b  mnf/2.0/i586/openssh-askpass-4.3p1-0.4.M20mdk.i586.rpm
 c864e4f11bc5ef7b44dbeba9252fdea6  mnf/2.0/i586/openssh-askpass-gnome-4.3p1-0.4.M20mdk.i586.rpm
 2be73ab0fc2e6f4139112107f46f68ae  mnf/2.0/i586/openssh-clients-4.3p1-0.4.M20mdk.i586.rpm
 3f4920bdbff70c3616c897d42524f379  mnf/2.0/i586/openssh-server-4.3p1-0.4.M20mdk.i586.rpm 
 d6dc4b60683bf87868733497ceb2b69c  mnf/2.0/SRPMS/openssh-4.3p1-0.4.M20mdk.src.rpm

2007.0 x86_64

 2722de4c5806b442152bf6f229bc4efc  2007.0/x86_64/openssh-4.5p1-0.2mdv2007.0.x86_64.rpm
 a89e68e2e0271c02814b1406c1242057  2007.0/x86_64/openssh-askpass-4.5p1-0.2mdv2007.0.x86_64.rpm
 d2bc689960ccc27cfb542764fc472d4f  2007.0/x86_64/openssh-askpass-common-4.5p1-0.2mdv2007.0.x86_64.rpm
 3c6227baf2de94a774cef12cadc4d183  2007.0/x86_64/openssh-askpass-gnome-4.5p1-0.2mdv2007.0.x86_64.rpm
 360f13087ea6f63eaced8eb4fde23185  2007.0/x86_64/openssh-clients-4.5p1-0.2mdv2007.0.x86_64.rpm
 67c9ae2c8c25b6475e15c325a929a807  2007.0/x86_64/openssh-server-4.5p1-0.2mdv2007.0.x86_64.rpm 
 0e57aefb82391e7b1fbe92fb7e8d24d3  2007.0/SRPMS/openssh-4.5p1-0.2mdv2007.0.src.rpm

2007.1 i586

 a4dcfec27b0a3b81a749f10e435a0be2  2007.1/i586/openssh-4.6p1-1.1mdv2007.1.i586.rpm
 e4a784a3c12a303a6c018c363b207e1c  2007.1/i586/openssh-askpass-4.6p1-1.1mdv2007.1.i586.rpm
 972dd1ba1fc63d7ca3e3f7ba3513b81f  2007.1/i586/openssh-askpass-common-4.6p1-1.1mdv2007.1.i586.rpm
 bbd0e91b2950e0142d11df0343ce1af9  2007.1/i586/openssh-askpass-gnome-4.6p1-1.1mdv2007.1.i586.rpm
 360972495eeea43e15dc46fa4b46fd5c  2007.1/i586/openssh-clients-4.6p1-1.1mdv2007.1.i586.rpm
 3859f217f6180403ef0e9c9aee3f6b27  2007.1/i586/openssh-server-4.6p1-1.1mdv2007.1.i586.rpm 
 fd0d1245e9d80df411acfff848868e83  2007.1/SRPMS/openssh-4.6p1-1.1mdv2007.1.src.rpm

2007.0 i586

 e04c3ab6175b622a65fe1a40fe52693f  2007.0/i586/openssh-4.5p1-0.2mdv2007.0.i586.rpm
 79ad72cdd5d02d29e1bc92a84853aa99  2007.0/i586/openssh-askpass-4.5p1-0.2mdv2007.0.i586.rpm
 d13252d924785d23495ceaa98c9dcc16  2007.0/i586/openssh-askpass-common-4.5p1-0.2mdv2007.0.i586.rpm
 2b21106f61185b6943425afa2d4a6098  2007.0/i586/openssh-askpass-gnome-4.5p1-0.2mdv2007.0.i586.rpm
 f36ce6d19951967248807d4acc259350  2007.0/i586/openssh-clients-4.5p1-0.2mdv2007.0.i586.rpm
 1a313da3c8131c0510ac7fc175b4ef9f  2007.0/i586/openssh-server-4.5p1-0.2mdv2007.0.i586.rpm 
 0e57aefb82391e7b1fbe92fb7e8d24d3  2007.0/SRPMS/openssh-4.5p1-0.2mdv2007.0.src.rpm

CS3.0 x86_64

 1eaae01a333d19ecfe0f83aa677fef29  corporate/3.0/x86_64/openssh-4.3p1-0.4.C30mdk.x86_64.rpm
 89a6586cd975949b516af7ce7c33db7d  corporate/3.0/x86_64/openssh-askpass-4.3p1-0.4.C30mdk.x86_64.rpm
 3bd3c05fd5987ce3cb8e6c167291bad9  corporate/3.0/x86_64/openssh-askpass-gnome-4.3p1-0.4.C30mdk.x86_64.rpm
 87f1a7a82d27b4f3dec8c9acadad8e95  corporate/3.0/x86_64/openssh-clients-4.3p1-0.4.C30mdk.x86_64.rpm
 2647668c96642eac2d75f7b99ee6cafb  corporate/3.0/x86_64/openssh-server-4.3p1-0.4.C30mdk.x86_64.rpm 
 b352aac12da1f4363f053ad84c21cad8  corporate/3.0/SRPMS/openssh-4.3p1-0.4.C30mdk.src.rpm

CS4.0 i586

 030bbafc87663dede9e8bf21dc0d06fa  corporate/4.0/i586/openssh-4.3p1-0.5.20060mlcs4.i586.rpm
 4ba7690bee29194a46fbeae5ba0aa0c2  corporate/4.0/i586/openssh-askpass-4.3p1-0.5.20060mlcs4.i586.rpm
 a8835f6ae66a77b4f7ed336afe0b8427  corporate/4.0/i586/openssh-askpass-gnome-4.3p1-0.5.20060mlcs4.i586.rpm
 4579a47617a3cb39dfc8c8ce600fad97  corporate/4.0/i586/openssh-clients-4.3p1-0.5.20060mlcs4.i586.rpm
 5d4a6f91ad5199aa22e3fd68bc91e1bc  corporate/4.0/i586/openssh-server-4.3p1-0.5.20060mlcs4.i586.rpm 
 538f84577ba40e5e8694819dac96c9a5  corporate/4.0/SRPMS/openssh-4.3p1-0.5.20060mlcs4.src.rpm

CS3.0 i586

 f23aeae4f1581eb34b894e87dd8316ce  corporate/3.0/i586/openssh-4.3p1-0.4.C30mdk.i586.rpm
 3f37d58c43b5d6e8a81be5e2c06d5349  corporate/3.0/i586/openssh-askpass-4.3p1-0.4.C30mdk.i586.rpm
 a5d683a4b9d6d88b732985eae4976c83  corporate/3.0/i586/openssh-askpass-gnome-4.3p1-0.4.C30mdk.i586.rpm
 d3bede3976187ca6c9ed3cd853f50444  corporate/3.0/i586/openssh-clients-4.3p1-0.4.C30mdk.i586.rpm
 1fc0580c40b91c3d057db44eb56a640f  corporate/3.0/i586/openssh-server-4.3p1-0.4.C30mdk.i586.rpm 
 b352aac12da1f4363f053ad84c21cad8  corporate/3.0/SRPMS/openssh-4.3p1-0.4.C30mdk.src.rpm

2007.1 x86_64

 c84ab8276ba205fc49c6fade4eeb4fc0  2007.1/x86_64/openssh-4.6p1-1.1mdv2007.1.x86_64.rpm
 564869cbbc4a53eb082a585fba2f91f7  2007.1/x86_64/openssh-askpass-4.6p1-1.1mdv2007.1.x86_64.rpm
 fcf1bd1893ebbf6c4d322a064ae73f4e  2007.1/x86_64/openssh-askpass-common-4.6p1-1.1mdv2007.1.x86_64.rpm
 ac83b2537b643d415f6077d30902cfe7  2007.1/x86_64/openssh-askpass-gnome-4.6p1-1.1mdv2007.1.x86_64.rpm
 479f39a1c7af953f86bcf5d34576a6be  2007.1/x86_64/openssh-clients-4.6p1-1.1mdv2007.1.x86_64.rpm
 cafc771d61a4d8a170e071ba789b3a90  2007.1/x86_64/openssh-server-4.6p1-1.1mdv2007.1.x86_64.rpm 
 fd0d1245e9d80df411acfff848868e83  2007.1/SRPMS/openssh-4.6p1-1.1mdv2007.1.src.rpm

References