[ol7_u8_security_validation] openssh-server-10:7.4p1-23.0.3.el7_9_fips.aarch64

Name:	openssh-server
Epoch:	10
Version:	7.4p1
Release:	23.0.3.el7_9_fips
Architecture:	aarch64
Group:	System Environment/Daemons
Size:	1051170
License:	BSD
RPM:	openssh-server-7.4p1-23.0.3.el7_9_fips.aarch64.rpm
Source RPM:	openssh-7.4p1-23.0.3.el7_9_fips.src.rpm
Build Date:	Sat Mar 16 2024
Build Host:	build-ol7-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssh.com/portable.html
Summary:	An open source SSH server daemon
Description:	OpenSSH is a free version of SSH (Secure SHell), a program for logging into and executing commands on a remote machine. This package contains the secure shell daemon (sshd). The sshd daemon allows SSH clients to securely connect to your SSH server.

Changelog (Show File list) (Show related packages)

Mon Feb 12 2024 Kaylin Devchand <kaylin.devchand@oracle.com> - 7.4p1-23.0.3_fips

- Change Epoch from 1 to 10
- Enable fips KDF POST [Orabug: 32461750]
- Disable diffie-hellman-group-exchange-sha256 KEX FIPS method [Orabug: 32461739]

Wed Feb 07 2024 Kaylin Devchand <kaylin.devchand@oracle.com> - 7.4p1-23.0.3

- add KEX_INITIAL flag [Orabug: 36160445] 
- implement "strict key exchange" [CVE-2023-48795][Orabug: 36160445]

Tue Aug 01 2023 Codrin Pruteanu <codrin.pruteanu@oracle.com> - 7.4p1-23.0.1

- enlarge format buffer size for certificate serial
  number so the log message can record any 64-bit integer without
  truncation (openssh bz#3012) [Orabug: 30448895]

Thu Jul 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 7.4p1-23 + 0.10.3-2

- Avoid remote code execution in ssh-agent PKCS#11 support
  Resolves: CVE-2023-38408

Thu Sep 30 2021 Dmitry Belyavskiy <dbelyavs@redhat.com> - 7.4p1-22 + 0.10.3-2

- avoid segfault in Kerberos cache cleanup (#1999263)
- fix CVE-2021-41617 (#2008884)

Tue Jun 25 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-21 + 0.10.3-2

- Avoid double comma in the default cipher list in FIPS mode (#1722446)

Tue May 21 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-20 + 0.10.3-2
```
- Revert the updating of cached passwd structure (#1712053)
```
Mon Mar 04 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-19 + 0.10.3-2
```
- Update cached passwd structure after PAM authentication (#1674541)
```

Wed Feb 13 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-18 + 0.10.3-2

- invalidate supplemental group cache used by temporarily_use_uid()
  when the target uid differs (#1583735)

Mon Jan 14 2019 Jakub Jelen <jjelen@redhat.com> - 7.4p1-17 + 0.10.3-2

- Fix for CVE-2018-15473 (#1619079)
- Enable GCM mode for AES ciphers in FIPS mode (#1600869)