Release Info

Advisory: CLSA-2024:1707420183

OS: Ubuntu 18.04 ELS

Public date: 2024-02-08 14:23:05

Project: openssh

Version: 1:7.6p1-4ubuntu0.7+tuxcare.els5

Errata link: https://errata.cloudlinux.com/ubuntu18-els/CLSA-2024-1707420183.html

Changelog

* SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795

Update

Update command: apt-get update apt-get --only-upgrade install openssh*

Packages list

openssh-client_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb openssh-server_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb ssh_7.6p1-4ubuntu0.7+tuxcare.els5_all.deb ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els5_amd64.deb

CVEs

CVE-2023-48795