Oracle Linux 7 : openssh (ELSA-2015-0425)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0425 advisory. - add new option GSSAPIEnablek5users and disable using /.k5users by default CVE-2014-9278 1169843 - prevent a server from skipping SSHFP lookup -...

openssh security, bug fix and enhancement update

6.6.1p1-11 + 0.9.3-9 - fix direction in CRYPTOSESSION audit message 1171248 6.6.1p1-10 + 0.9.3-9 - add new option GSSAPIEnablek5users and disable using /.k5users by default CVE-2014-9278 1169843 6.6.1p1-9 + 0.9.3-9 - log via monitor in chroots without /dev/log 1083482 6.6.1p1-8 + 0.9.3-9 - increa...

Oracle Linux 6 : openssh (ELSA-2014-1552)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1552 advisory. - prevent a server from skipping SSHFP lookup 1081338 CVE-2014-2653 - ignore environment variables with embedded '=' or '\0' characters CVE-2014-2532...

Fedora 19 : openssh-6.2p2-8.fc19 (2014-6569)

environment variables with embedded '=' or '0' characters are now ignored - prevents a server from skipping SSHFP lookup and forcing a new-hostkey dialog by offering only certificate keys - /etc/ssh/moduli is readable by all now - ssh-copy-id is run in so called legacy mode when SSHCOPYIDLEGACY...

Fedora 20 : openssh-6.4p1-4.fc20 (2014-6380)

environment variables with embedded '=' or '\0' characters are now ignored - prevents a server from skipping SSHFP lookup and forcing a new-hostkey dialog by offering only certificate keys - ssh-agent is now suspend-aware as it gets also CLOCKBOOTTIME time - /etc/ssh/moduli is readable by all now...