[ale] RHN Errata Alert: Updated OpenSSH packages fix potential vulnerability...

Brian J. Dowd bdowd at dentfirst.com
Tue Sep 16 15:44:33 EDT 2003 

RedHat has it now...

Red Hat Network has determined that the following advisory is applicable to
one or more of the systems you have registered:

Complete information about this errata can be found at the following location:
     https://rhn.redhat.com/network/errata/errata_details.pxt?eid=1837

Security Advisory - RHSA-2003:279-07
------------------------------------------------------------------------------
Summary:
Updated OpenSSH packages fix potential vulnerability

Updated OpenSSH packages are now available that fix a bug that may be
remotely exploitable.

Description:
OpenSSH is a suite of network connectivity tools that can be used to
establish encrypted connections between systems on a network and can
provide interactive login sessions and port forwarding, among other functions.

The OpenSSH team has announced a bug which affects the OpenSSH buffer
handling code.  This bug has the potential of being remotely exploitable.

All users of OpenSSH should immediately apply this update which contains a
backported fix for this issue.

References:
http://marc.theaimsgroup.com/?l=openbsd-misc&m=106371592604940
------------------------------------------------------------------------------

-------------
Taking Action
-------------
You may address the issues outlined in this advisory in two ways:

     - select your server name by clicking on its name from the list
       available at the following location, and then schedule an
       errata update for it:
           https://rhn.redhat.com/network/systemlist/system_list.pxt

     - run the Update Agent on each affected server.


---------------------------------
Changing Notification Preferences
---------------------------------
To enable/disable your Errata Alert preferences globally please log in to RHN
and navigate from "Your RHN" / "Your Account" to the "Preferences" tab.

        URL: https://rhn.redhat.com/network/my_account/my_prefs.pxt

You can also enable/disable notification on a per system basis by selecting an
individual system from the "Systems List". From the individual system view
click the "Details" tab.


----------------
Affected Systems
----------------
According to our records, this errata may apply to one or more of the 
systems that you've profiled with Red Hat Network.  To see precisely which 
systems are affected, please go to:
    https://rhn.redhat.com/network/errata/systems_affected.pxt?eid=1837



The Red Hat Network Team
 <snip>

More information about the Ale mailing list