NS-SA-2024-1001
2024-09-07 14:54:03
简介
important: openssh security update
严重级别
important
主题
An update for openssh is now available for NewStart CGSL MAIN V5.04/CORE V5.04.
NewStart Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
详细描述
openssh: A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
http://security.gd-linux.com/how_to_apply_patch.html
Remember the build tag is 5.04.F56.
影响组件
影响产品
- CGSL MAIN 5.04
- CGSL CORE 5.04
更新包
{"fix":[{"product":"CGSL MAIN 5.04","pkgs":[{"binary":["openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm","openssh-askpass-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm","openssh-clients-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm","openssh-server-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm"],"source":"openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.src.rpm"}]},{"product":"CGSL CORE 5.04","pkgs":[{"binary":["openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm","openssh-askpass-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm","openssh-clients-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm","openssh-server-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm"],"source":"openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.src.rpm"}]}]}
CGSL MAIN 5.04
- openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.src.rpm
- openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
- openssh-askpass-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
- openssh-clients-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
- openssh-server-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
CGSL CORE 5.04
- openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.src.rpm
- openssh-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
- openssh-askpass-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
- openssh-clients-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
- openssh-server-8.5p1-2.el7.cgslv5.1.24.gc95680d.x86_64.rpm
CVE
参考