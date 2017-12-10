-------------------------------------------------------------------------------

Fedora Update Notification

FEDORA-2017-96d1995b70

2017-12-10 03:53:15.785174

Name : openssh

Product : Fedora 27

Version : 7.6p1

Release : 2.fc27

URL : http://www.openssh.com/portable.html

Summary : An open source implementation of SSH protocol version 2

Description :

SSH (Secure SHell) is a program for logging into and executing

commands on a remote machine. SSH is intended to replace rlogin and

rsh, and to provide secure encrypted communications between two

untrusted hosts over an insecure network. X11 connections and

arbitrary TCP/IP ports can also be forwarded over the secure channel.



OpenSSH is OpenBSD's version of the last free version of SSH, bringing

it up to date in terms of security and features.



This package includes the core files necessary for both the OpenSSH

client and server. To make this package useful, you should also

install openssh-clients, openssh-server, or both.



Update Information:



This update provides new upstream release OpenSSH 7.6 with several bug fixes

and

new features, including CVE-2017-15906, compatibility with WinSCP, improvement

for PAM stack, enablement for s390x sandbox, new GSSAPI key exchange methods

and

improvement of handling kerberos tickets.

References:



[ 1 ] Bug #1492313 - sshd doesnt use pam auth stack anymore

https://bugzilla.redhat.com/show_bug.cgi?id=1492313

[ 2 ] Bug #1477636 - Fedora - OpenSSH: Add enablement for openssl-ibmca and

openssl-ibmpkcs11 (security/crypto)

https://bugzilla.redhat.com/show_bug.cgi?id=1477636

[ 3 ] Bug #1199363 - ssh login with credential forwarding gives me a

subsidiary ccache; can't kinit to another user

https://bugzilla.redhat.com/show_bug.cgi?id=1199363

[ 4 ] Bug #1506631 - CVE-2017-15906 openssh: Improper write operations in

readonly mode allow for zero-length file creation [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1506631

[ 5 ] Bug #1504403 - openssh-7.6p1 is available

https://bugzilla.redhat.com/show_bug.cgi?id=1504403

[ 6 ] Bug #1499057 - WinSCP 5.1x.x erroneously forced to use a weaker

key-exchange due to missing patch to OpenSSH compat.c

https://bugzilla.redhat.com/show_bug.cgi?id=1499057

