Synopsis: Low: openssh security, bug fix, and enhancement update
Advisory ID: SLSA-2013:1591-2
Issue Date: 2013-11-21
CVE Numbers: CVE-2010-5107
—
The default OpenSSH configuration made it easy for remote attackers to
exhaust unauthorized connection slots and prevent other users from being
able to log in to a system. This flaw has been addressed by enabling
random early connection drops by setting MaxStartups to 10:30:100 by
default. For more information, refer to the sshd_config(5) man page.
(CVE-2010-5107)
—
SL6
x86_64
openssh-5.3p1-94.el6.x86_64.rpm
openssh-askpass-5.3p1-94.el6.x86_64.rpm
openssh-clients-5.3p1-94.el6.x86_64.rpm
openssh-debuginfo-5.3p1-94.el6.x86_64.rpm
openssh-server-5.3p1-94.el6.x86_64.rpm
openssh-debuginfo-5.3p1-94.el6.i686.rpm
openssh-ldap-5.3p1-94.el6.x86_64.rpm
pam_ssh_agent_auth-0.9.3-94.el6.i686.rpm
pam_ssh_agent_auth-0.9.3-94.el6.x86_64.rpm
i386
openssh-5.3p1-94.el6.i686.rpm
openssh-askpass-5.3p1-94.el6.i686.rpm
openssh-clients-5.3p1-94.el6.i686.rpm
openssh-debuginfo-5.3p1-94.el6.i686.rpm
openssh-server-5.3p1-94.el6.i686.rpm
openssh-ldap-5.3p1-94.el6.i686.rpm
pam_ssh_agent_auth-0.9.3-94.el6.i686.rpm
The following RPMs were added for dependency resolution:
x86_64
openssl-1.0.1e-15.el6.i686.rpm
openssl-1.0.1e-15.el6.x86_64.rpm
openssl-devel-1.0.1e-15.el6.i686.rpm
openssl-devel-1.0.1e-15.el6.x86_64.rpm
openssl-perl-1.0.1e-15.el6.x86_64.rpm
openssl-static-1.0.1e-15.el6.x86_64.rpm
i386
openssl-1.0.1e-15.el6.i686.rpm
openssl-devel-1.0.1e-15.el6.i686.rpm
openssl-perl-1.0.1e-15.el6.i686.rpm
openssl-static-1.0.1e-15.el6.i686.rpm
– Scientific Linux Development Team
