MDKSA-2007:236
- Nom du paquet
- openssh
- Date
- 2007-12-04
- Advisory ID
- MDKSA-2007:236
- Affected versions
- CS4.0 x86_64 , MNF2.0 i586 , 2007.0 x86_64 , 2007.1 i586 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2007.1 x86_64
Problem description
A flaw in OpenSSH prior to 4.7 prevented ssh from properly handling
when an untrusted cookie could not be created and used a trusted X11
cookie instead, which could allow attackers to violate intended policy
and gain privileges by causing an X client to be treated as trusted.
The updated packages have been patched to correct these issue.
Updated packages
CS4.0 x86_64
64a174d447b1bdd4d208872761c93699 corporate/4.0/x86_64/openssh-4.3p1-0.5.20060mlcs4.x86_64.rpm a2e0aaa3f19ff1c4cd60eb532604e135 corporate/4.0/x86_64/openssh-askpass-4.3p1-0.5.20060mlcs4.x86_64.rpm 395878603e050cc933b1881cc816e6bd corporate/4.0/x86_64/openssh-askpass-gnome-4.3p1-0.5.20060mlcs4.x86_64.rpm b91a4ee6303eb5b2fdccd2dbafbf8489 corporate/4.0/x86_64/openssh-clients-4.3p1-0.5.20060mlcs4.x86_64.rpm b9e82cd190d6a267fabdf2811574ee7e corporate/4.0/x86_64/openssh-server-4.3p1-0.5.20060mlcs4.x86_64.rpm 538f84577ba40e5e8694819dac96c9a5 corporate/4.0/SRPMS/openssh-4.3p1-0.5.20060mlcs4.src.rpm
MNF2.0 i586
71dac329eac3c804698a1baf0717fc9e mnf/2.0/i586/openssh-4.3p1-0.4.M20mdk.i586.rpm 3e795210f939969b244221a716ef9c4b mnf/2.0/i586/openssh-askpass-4.3p1-0.4.M20mdk.i586.rpm c864e4f11bc5ef7b44dbeba9252fdea6 mnf/2.0/i586/openssh-askpass-gnome-4.3p1-0.4.M20mdk.i586.rpm 2be73ab0fc2e6f4139112107f46f68ae mnf/2.0/i586/openssh-clients-4.3p1-0.4.M20mdk.i586.rpm 3f4920bdbff70c3616c897d42524f379 mnf/2.0/i586/openssh-server-4.3p1-0.4.M20mdk.i586.rpm d6dc4b60683bf87868733497ceb2b69c mnf/2.0/SRPMS/openssh-4.3p1-0.4.M20mdk.src.rpm
2007.0 x86_64
2722de4c5806b442152bf6f229bc4efc 2007.0/x86_64/openssh-4.5p1-0.2mdv2007.0.x86_64.rpm a89e68e2e0271c02814b1406c1242057 2007.0/x86_64/openssh-askpass-4.5p1-0.2mdv2007.0.x86_64.rpm d2bc689960ccc27cfb542764fc472d4f 2007.0/x86_64/openssh-askpass-common-4.5p1-0.2mdv2007.0.x86_64.rpm 3c6227baf2de94a774cef12cadc4d183 2007.0/x86_64/openssh-askpass-gnome-4.5p1-0.2mdv2007.0.x86_64.rpm 360f13087ea6f63eaced8eb4fde23185 2007.0/x86_64/openssh-clients-4.5p1-0.2mdv2007.0.x86_64.rpm 67c9ae2c8c25b6475e15c325a929a807 2007.0/x86_64/openssh-server-4.5p1-0.2mdv2007.0.x86_64.rpm 0e57aefb82391e7b1fbe92fb7e8d24d3 2007.0/SRPMS/openssh-4.5p1-0.2mdv2007.0.src.rpm
2007.1 i586
a4dcfec27b0a3b81a749f10e435a0be2 2007.1/i586/openssh-4.6p1-1.1mdv2007.1.i586.rpm e4a784a3c12a303a6c018c363b207e1c 2007.1/i586/openssh-askpass-4.6p1-1.1mdv2007.1.i586.rpm 972dd1ba1fc63d7ca3e3f7ba3513b81f 2007.1/i586/openssh-askpass-common-4.6p1-1.1mdv2007.1.i586.rpm bbd0e91b2950e0142d11df0343ce1af9 2007.1/i586/openssh-askpass-gnome-4.6p1-1.1mdv2007.1.i586.rpm 360972495eeea43e15dc46fa4b46fd5c 2007.1/i586/openssh-clients-4.6p1-1.1mdv2007.1.i586.rpm 3859f217f6180403ef0e9c9aee3f6b27 2007.1/i586/openssh-server-4.6p1-1.1mdv2007.1.i586.rpm fd0d1245e9d80df411acfff848868e83 2007.1/SRPMS/openssh-4.6p1-1.1mdv2007.1.src.rpm
2007.0 i586
e04c3ab6175b622a65fe1a40fe52693f 2007.0/i586/openssh-4.5p1-0.2mdv2007.0.i586.rpm 79ad72cdd5d02d29e1bc92a84853aa99 2007.0/i586/openssh-askpass-4.5p1-0.2mdv2007.0.i586.rpm d13252d924785d23495ceaa98c9dcc16 2007.0/i586/openssh-askpass-common-4.5p1-0.2mdv2007.0.i586.rpm 2b21106f61185b6943425afa2d4a6098 2007.0/i586/openssh-askpass-gnome-4.5p1-0.2mdv2007.0.i586.rpm f36ce6d19951967248807d4acc259350 2007.0/i586/openssh-clients-4.5p1-0.2mdv2007.0.i586.rpm 1a313da3c8131c0510ac7fc175b4ef9f 2007.0/i586/openssh-server-4.5p1-0.2mdv2007.0.i586.rpm 0e57aefb82391e7b1fbe92fb7e8d24d3 2007.0/SRPMS/openssh-4.5p1-0.2mdv2007.0.src.rpm
CS3.0 x86_64
1eaae01a333d19ecfe0f83aa677fef29 corporate/3.0/x86_64/openssh-4.3p1-0.4.C30mdk.x86_64.rpm 89a6586cd975949b516af7ce7c33db7d corporate/3.0/x86_64/openssh-askpass-4.3p1-0.4.C30mdk.x86_64.rpm 3bd3c05fd5987ce3cb8e6c167291bad9 corporate/3.0/x86_64/openssh-askpass-gnome-4.3p1-0.4.C30mdk.x86_64.rpm 87f1a7a82d27b4f3dec8c9acadad8e95 corporate/3.0/x86_64/openssh-clients-4.3p1-0.4.C30mdk.x86_64.rpm 2647668c96642eac2d75f7b99ee6cafb corporate/3.0/x86_64/openssh-server-4.3p1-0.4.C30mdk.x86_64.rpm b352aac12da1f4363f053ad84c21cad8 corporate/3.0/SRPMS/openssh-4.3p1-0.4.C30mdk.src.rpm
CS4.0 i586
030bbafc87663dede9e8bf21dc0d06fa corporate/4.0/i586/openssh-4.3p1-0.5.20060mlcs4.i586.rpm 4ba7690bee29194a46fbeae5ba0aa0c2 corporate/4.0/i586/openssh-askpass-4.3p1-0.5.20060mlcs4.i586.rpm a8835f6ae66a77b4f7ed336afe0b8427 corporate/4.0/i586/openssh-askpass-gnome-4.3p1-0.5.20060mlcs4.i586.rpm 4579a47617a3cb39dfc8c8ce600fad97 corporate/4.0/i586/openssh-clients-4.3p1-0.5.20060mlcs4.i586.rpm 5d4a6f91ad5199aa22e3fd68bc91e1bc corporate/4.0/i586/openssh-server-4.3p1-0.5.20060mlcs4.i586.rpm 538f84577ba40e5e8694819dac96c9a5 corporate/4.0/SRPMS/openssh-4.3p1-0.5.20060mlcs4.src.rpm
CS3.0 i586
f23aeae4f1581eb34b894e87dd8316ce corporate/3.0/i586/openssh-4.3p1-0.4.C30mdk.i586.rpm 3f37d58c43b5d6e8a81be5e2c06d5349 corporate/3.0/i586/openssh-askpass-4.3p1-0.4.C30mdk.i586.rpm a5d683a4b9d6d88b732985eae4976c83 corporate/3.0/i586/openssh-askpass-gnome-4.3p1-0.4.C30mdk.i586.rpm d3bede3976187ca6c9ed3cd853f50444 corporate/3.0/i586/openssh-clients-4.3p1-0.4.C30mdk.i586.rpm 1fc0580c40b91c3d057db44eb56a640f corporate/3.0/i586/openssh-server-4.3p1-0.4.C30mdk.i586.rpm b352aac12da1f4363f053ad84c21cad8 corporate/3.0/SRPMS/openssh-4.3p1-0.4.C30mdk.src.rpm
2007.1 x86_64
c84ab8276ba205fc49c6fade4eeb4fc0 2007.1/x86_64/openssh-4.6p1-1.1mdv2007.1.x86_64.rpm 564869cbbc4a53eb082a585fba2f91f7 2007.1/x86_64/openssh-askpass-4.6p1-1.1mdv2007.1.x86_64.rpm fcf1bd1893ebbf6c4d322a064ae73f4e 2007.1/x86_64/openssh-askpass-common-4.6p1-1.1mdv2007.1.x86_64.rpm ac83b2537b643d415f6077d30902cfe7 2007.1/x86_64/openssh-askpass-gnome-4.6p1-1.1mdv2007.1.x86_64.rpm 479f39a1c7af953f86bcf5d34576a6be 2007.1/x86_64/openssh-clients-4.6p1-1.1mdv2007.1.x86_64.rpm cafc771d61a4d8a170e071ba789b3a90 2007.1/x86_64/openssh-server-4.6p1-1.1mdv2007.1.x86_64.rpm fd0d1245e9d80df411acfff848868e83 2007.1/SRPMS/openssh-4.6p1-1.1mdv2007.1.src.rpm