RHSA-2019:3702
Vulnerability from csaf_redhat
Published
2019-11-05 22:29
Modified
2024-11-22 13:21
Summary
Red Hat Security Advisory: openssh security, bug fix, and enhancement update
Notes
Topic
An update for openssh is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.
The following packages have been upgraded to a later upstream version: openssh (8.0p1). (BZ#1691045)
Security Fix(es):
* openssh: scp client improper directory name validation (CVE-2018-20685)
* openssh: Improper validation of object names allows malicious server to overwrite files via scp client (CVE-2019-6111)
* openssh: Missing character encoding in progress display allows for spoofing of scp client output (CVE-2019-6109)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ document: { aggregate_severity: { namespace: "https://access.redhat.com/security/updates/classification/", text: "Moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright © Red Hat, Inc. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "An update for openssh is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", title: "Topic", }, { category: "general", text: "OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.\n\nThe following packages have been upgraded to a later upstream version: openssh (8.0p1). (BZ#1691045)\n\nSecurity Fix(es):\n\n* openssh: scp client improper directory name validation (CVE-2018-20685)\n\n* openssh: Improper validation of object names allows malicious server to overwrite files via scp client (CVE-2019-6111)\n\n* openssh: Missing character encoding in progress display allows for spoofing of scp client output (CVE-2019-6109)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.", title: "Details", }, { category: "legal_disclaimer", text: "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", title: "Terms of Use", }, ], publisher: { category: "vendor", contact_details: "https://access.redhat.com/security/team/contact/", issuing_authority: "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", name: "Red Hat Product Security", namespace: "https://www.redhat.com", }, references: [ { category: "self", summary: "https://access.redhat.com/errata/RHSA-2019:3702", url: "https://access.redhat.com/errata/RHSA-2019:3702", }, { category: "external", summary: "https://access.redhat.com/security/updates/classification/#moderate", url: "https://access.redhat.com/security/updates/classification/#moderate", }, { category: "external", summary: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", url: "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/", }, { category: "external", summary: "1665785", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1665785", }, { category: "external", summary: "1666119", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666119", }, { category: "external", summary: "1666127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666127", }, { category: "external", summary: "1667519", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1667519", }, { category: "external", summary: "1668325", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1668325", }, { category: "external", summary: "1683295", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1683295", }, { category: "external", summary: "1685096", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1685096", }, { category: "external", summary: "1686065", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1686065", }, { category: "external", summary: "1691045", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1691045", }, { category: "external", summary: "1707485", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1707485", }, { category: "external", summary: "1712436", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1712436", }, { category: "external", summary: "1732424", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732424", }, { category: "external", summary: "1732449", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1732449", }, { category: "self", summary: "Canonical URL", url: "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3702.json", }, ], title: "Red Hat Security Advisory: openssh security, bug fix, and enhancement update", tracking: { current_release_date: "2024-11-22T13:21:48+00:00", generator: { date: "2024-11-22T13:21:48+00:00", engine: { name: "Red Hat SDEngine", version: "4.2.1", }, }, id: "RHSA-2019:3702", initial_release_date: "2019-11-05T22:29:15+00:00", revision_history: [ { date: "2019-11-05T22:29:15+00:00", number: "1", summary: "Initial version", }, { date: "2019-11-05T22:29:15+00:00", number: "2", summary: "Last updated version", }, { date: "2024-11-22T13:21:48+00:00", number: "3", summary: "Last generated version", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux AppStream (v. 8)", product: { name: "Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0", product_identification_helper: { cpe: "cpe:/a:redhat:enterprise_linux:8::appstream", }, }, }, { category: "product_name", name: "Red Hat Enterprise Linux BaseOS (v. 8)", product: { name: "Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:8::baseos", }, }, }, ], category: "product_family", name: "Red Hat Enterprise Linux", }, { branches: [ { category: "product_version", name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", product: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", product_id: "openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", product: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", product_id: "openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", product: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", product_id: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", product: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", product_id: "openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:8.0p1-3.el8.aarch64", product: { name: "openssh-debuginfo-0:8.0p1-3.el8.aarch64", product_id: "openssh-debuginfo-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-debugsource-0:8.0p1-3.el8.aarch64", product: { name: "openssh-debugsource-0:8.0p1-3.el8.aarch64", product_id: "openssh-debugsource-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debugsource@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", product: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", product_id: "openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", product: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", product_id: "openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-askpass-0:8.0p1-3.el8.aarch64", product: { name: "openssh-askpass-0:8.0p1-3.el8.aarch64", product_id: "openssh-askpass-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", product: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", product_id: "openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-cavs-0:8.0p1-3.el8.aarch64", product: { name: "openssh-cavs-0:8.0p1-3.el8.aarch64", product_id: "openssh-cavs-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-clients-0:8.0p1-3.el8.aarch64", product: { name: "openssh-clients-0:8.0p1-3.el8.aarch64", product_id: "openssh-clients-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-0:8.0p1-3.el8.aarch64", product: { name: "openssh-0:8.0p1-3.el8.aarch64", product_id: "openssh-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", product: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", product_id: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-ldap-0:8.0p1-3.el8.aarch64", product: { name: "openssh-ldap-0:8.0p1-3.el8.aarch64", product_id: "openssh-ldap-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-server-0:8.0p1-3.el8.aarch64", product: { name: "openssh-server-0:8.0p1-3.el8.aarch64", product_id: "openssh-server-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@8.0p1-3.el8?arch=aarch64", }, }, }, { category: "product_version", name: "openssh-keycat-0:8.0p1-3.el8.aarch64", product: { name: "openssh-keycat-0:8.0p1-3.el8.aarch64", product_id: "openssh-keycat-0:8.0p1-3.el8.aarch64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat@8.0p1-3.el8?arch=aarch64", }, }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", product: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", product_id: "openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", product: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", product_id: "openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", product: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", product_id: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", product: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", product_id: "openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:8.0p1-3.el8.x86_64", product: { name: "openssh-debuginfo-0:8.0p1-3.el8.x86_64", product_id: "openssh-debuginfo-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-debugsource-0:8.0p1-3.el8.x86_64", product: { name: "openssh-debugsource-0:8.0p1-3.el8.x86_64", product_id: "openssh-debugsource-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debugsource@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", product: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", product_id: "openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", product: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", product_id: "openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-askpass-0:8.0p1-3.el8.x86_64", product: { name: "openssh-askpass-0:8.0p1-3.el8.x86_64", product_id: "openssh-askpass-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", product: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", product_id: "openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-cavs-0:8.0p1-3.el8.x86_64", product: { name: "openssh-cavs-0:8.0p1-3.el8.x86_64", product_id: "openssh-cavs-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-clients-0:8.0p1-3.el8.x86_64", product: { name: "openssh-clients-0:8.0p1-3.el8.x86_64", product_id: "openssh-clients-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-0:8.0p1-3.el8.x86_64", product: { name: "openssh-0:8.0p1-3.el8.x86_64", product_id: "openssh-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", product: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", product_id: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-ldap-0:8.0p1-3.el8.x86_64", product: { name: "openssh-ldap-0:8.0p1-3.el8.x86_64", product_id: "openssh-ldap-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-server-0:8.0p1-3.el8.x86_64", product: { name: "openssh-server-0:8.0p1-3.el8.x86_64", product_id: "openssh-server-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@8.0p1-3.el8?arch=x86_64", }, }, }, { category: "product_version", name: "openssh-keycat-0:8.0p1-3.el8.x86_64", product: { name: "openssh-keycat-0:8.0p1-3.el8.x86_64", product_id: "openssh-keycat-0:8.0p1-3.el8.x86_64", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat@8.0p1-3.el8?arch=x86_64", }, }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_version", name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", product: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", product_id: "openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", product: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", product_id: "openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", product: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", product_id: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", product: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", product_id: "openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:8.0p1-3.el8.s390x", product: { name: "openssh-debuginfo-0:8.0p1-3.el8.s390x", product_id: "openssh-debuginfo-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-debugsource-0:8.0p1-3.el8.s390x", product: { name: "openssh-debugsource-0:8.0p1-3.el8.s390x", product_id: "openssh-debugsource-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debugsource@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", product: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", product_id: "openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", product: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", product_id: "openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-askpass-0:8.0p1-3.el8.s390x", product: { name: "openssh-askpass-0:8.0p1-3.el8.s390x", product_id: "openssh-askpass-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-server-debuginfo-0:8.0p1-3.el8.s390x", product: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.s390x", product_id: "openssh-server-debuginfo-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-cavs-0:8.0p1-3.el8.s390x", product: { name: "openssh-cavs-0:8.0p1-3.el8.s390x", product_id: "openssh-cavs-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-clients-0:8.0p1-3.el8.s390x", product: { name: "openssh-clients-0:8.0p1-3.el8.s390x", product_id: "openssh-clients-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-0:8.0p1-3.el8.s390x", product: { name: "openssh-0:8.0p1-3.el8.s390x", product_id: "openssh-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", product: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", product_id: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-ldap-0:8.0p1-3.el8.s390x", product: { name: "openssh-ldap-0:8.0p1-3.el8.s390x", product_id: "openssh-ldap-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-server-0:8.0p1-3.el8.s390x", product: { name: "openssh-server-0:8.0p1-3.el8.s390x", product_id: "openssh-server-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@8.0p1-3.el8?arch=s390x", }, }, }, { category: "product_version", name: "openssh-keycat-0:8.0p1-3.el8.s390x", product: { name: "openssh-keycat-0:8.0p1-3.el8.s390x", product_id: "openssh-keycat-0:8.0p1-3.el8.s390x", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat@8.0p1-3.el8?arch=s390x", }, }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", product_id: "openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap-debuginfo@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", product_id: "openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass-debuginfo@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", product: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", product_id: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo@0.10.3-7.3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", product_id: "openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients-debuginfo@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-debuginfo-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-debuginfo-0:8.0p1-3.el8.ppc64le", product_id: "openssh-debuginfo-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debuginfo@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-debugsource-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-debugsource-0:8.0p1-3.el8.ppc64le", product_id: "openssh-debugsource-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-debugsource@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", product_id: "openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs-debuginfo@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", product_id: "openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat-debuginfo@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-askpass-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-askpass-0:8.0p1-3.el8.ppc64le", product_id: "openssh-askpass-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-askpass@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", product_id: "openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server-debuginfo@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-cavs-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-cavs-0:8.0p1-3.el8.ppc64le", product_id: "openssh-cavs-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-cavs@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-clients-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-clients-0:8.0p1-3.el8.ppc64le", product_id: "openssh-clients-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-clients@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-0:8.0p1-3.el8.ppc64le", product_id: "openssh-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", product: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", product_id: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/pam_ssh_agent_auth@0.10.3-7.3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-ldap-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-ldap-0:8.0p1-3.el8.ppc64le", product_id: "openssh-ldap-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-ldap@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-server-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-server-0:8.0p1-3.el8.ppc64le", product_id: "openssh-server-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-server@8.0p1-3.el8?arch=ppc64le", }, }, }, { category: "product_version", name: "openssh-keycat-0:8.0p1-3.el8.ppc64le", product: { name: "openssh-keycat-0:8.0p1-3.el8.ppc64le", product_id: "openssh-keycat-0:8.0p1-3.el8.ppc64le", product_identification_helper: { purl: "pkg:rpm/redhat/openssh-keycat@8.0p1-3.el8?arch=ppc64le", }, }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "openssh-0:8.0p1-3.el8.src", product: { name: "openssh-0:8.0p1-3.el8.src", product_id: "openssh-0:8.0p1-3.el8.src", product_identification_helper: { purl: "pkg:rpm/redhat/openssh@8.0p1-3.el8?arch=src", }, }, }, ], category: "architecture", name: "src", }, ], category: "vendor", name: "Red Hat", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", }, product_reference: "openssh-0:8.0p1-3.el8.src", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-clients-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-clients-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-clients-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-clients-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-server-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-server-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-server-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-server-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", product_id: "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", relates_to_product_reference: "AppStream-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", }, product_reference: "openssh-0:8.0p1-3.el8.src", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-askpass-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-cavs-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-clients-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-clients-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-clients-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-clients-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-debugsource-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-debugsource-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-keycat-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-ldap-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-server-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-server-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-server-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-server-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "openssh-server-debuginfo-0:8.0p1-3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", }, product_reference: "openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", }, product_reference: "pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", relates_to_product_reference: "BaseOS-8.1.0", }, { category: "default_component_of", full_product_name: { name: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", product_id: "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", }, product_reference: "pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", relates_to_product_reference: "BaseOS-8.1.0", }, ], }, vulnerabilities: [ { cve: "CVE-2018-20685", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-01-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1665785", }, ], notes: [ { category: "description", text: "In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.", title: "Vulnerability description", }, { category: "summary", text: "openssh: scp client improper directory name validation", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the scp client shipped with openssh. The SSH protocol or the SSH client is not affected. For more detailed analysis please refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1665785#c4", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2018-20685", }, { category: "external", summary: "RHBZ#1665785", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1665785", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2018-20685", url: "https://www.cve.org/CVERecord?id=CVE-2018-20685", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2018-20685", url: "https://nvd.nist.gov/vuln/detail/CVE-2018-20685", }, { category: "external", summary: "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", url: "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", }, ], release_date: "2018-11-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:29:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", product_ids: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3702", }, { category: "workaround", details: "This issue only affects the users of scp binary which is a part of openssh-clients package. Other usage of SSH protocol or other ssh clients is not affected. Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary. Removing the openssh-clients package will make binaries like scp and ssh etc unavailable on that system.\n\nNote: To exploit this flaw, the victim needs to connect to a malicious SSH server or MITM (Man-in-the-middle) the scp connection, both of which can be detected by the system administrator via a change in the host key of the SSH server. Further, if connections via scp are made to only trusted SSH servers, then those use-cases are not vulnerable to this security flaw.", product_ids: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", version: "3.0", }, products: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssh: scp client improper directory name validation", }, { cve: "CVE-2019-6109", cwe: { id: "CWE-451", name: "User Interface (UI) Misrepresentation of Critical Information", }, discovery_date: "2019-01-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1666119", }, ], notes: [ { category: "description", text: "An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This affects refresh_progress_meter() in progressmeter.c.", title: "Vulnerability description", }, { category: "summary", text: "openssh: Missing character encoding in progress display allows for spoofing of scp client output", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the scp client shipped with openssh. The SSH protocol or the SSH client is not affected. For more detailed analysis please refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1666119#c3", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-6109", }, { category: "external", summary: "RHBZ#1666119", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666119", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-6109", url: "https://www.cve.org/CVERecord?id=CVE-2019-6109", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-6109", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-6109", }, { category: "external", summary: "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", url: "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", }, ], release_date: "2018-11-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:29:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", product_ids: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3702", }, { category: "workaround", details: "This issue only affects the users of scp binary which is a part of openssh-clients package. Other usage of SSH protocol or other ssh clients is not affected. Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary. Removing the openssh-clients package will make binaries like scp and ssh etc unavailable on that system.\n\nNote: To exploit this flaw, the victim needs to connect to a malicious SSH server or MITM (Man-in-the-middle) the scp connection, both of which can be detected by the system administrator via a change in the host key of the SSH server. Further, if connections via scp are made to only trusted SSH servers, then those use-cases are not vulnerable to this security flaw.", product_ids: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 3.1, baseSeverity: "LOW", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, products: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Low", }, ], title: "openssh: Missing character encoding in progress display allows for spoofing of scp client output", }, { cve: "CVE-2019-6111", cwe: { id: "CWE-20", name: "Improper Input Validation", }, discovery_date: "2019-01-14T00:00:00+00:00", ids: [ { system_name: "Red Hat Bugzilla ID", text: "1666127", }, ], notes: [ { category: "description", text: "An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file).", title: "Vulnerability description", }, { category: "summary", text: "openssh: Improper validation of object names allows malicious server to overwrite files via scp client", title: "Vulnerability summary", }, { category: "other", text: "This issue affects the scp client shipped with openssh. The SSH protocol or the SSH client is not affected. For more detailed analysis please refer to: https://bugzilla.redhat.com/show_bug.cgi?id=1666127#c2", title: "Statement", }, { category: "general", text: "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", title: "CVSS score applicability", }, ], product_status: { fixed: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, references: [ { category: "self", summary: "Canonical URL", url: "https://access.redhat.com/security/cve/CVE-2019-6111", }, { category: "external", summary: "RHBZ#1666127", url: "https://bugzilla.redhat.com/show_bug.cgi?id=1666127", }, { category: "external", summary: "https://www.cve.org/CVERecord?id=CVE-2019-6111", url: "https://www.cve.org/CVERecord?id=CVE-2019-6111", }, { category: "external", summary: "https://nvd.nist.gov/vuln/detail/CVE-2019-6111", url: "https://nvd.nist.gov/vuln/detail/CVE-2019-6111", }, { category: "external", summary: "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", url: "https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt", }, ], release_date: "2018-11-16T00:00:00+00:00", remediations: [ { category: "vendor_fix", date: "2019-11-05T22:29:15+00:00", details: "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing this update, the OpenSSH server daemon (sshd) will be restarted automatically.", product_ids: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], restart_required: { category: "none", }, url: "https://access.redhat.com/errata/RHSA-2019:3702", }, { category: "workaround", details: "This issue only affects the users of scp binary which is a part of openssh-clients package. Other usage of SSH protocol or other ssh clients is not affected. Administrators can uninstall openssh-clients for additional protection against accidental usage of this binary. Removal of openssh-clients package will make the packaged binaries like scp, ssh etc unavailable. \n\nNote: This flaw requires a malicious MITM scp server for exploitation. Use cases where trusted SCP servers are used are not affected by this flaw.", product_ids: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, ], scores: [ { cvss_v3: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, products: [ "AppStream-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.src", "AppStream-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "AppStream-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "AppStream-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.src", "BaseOS-8.1.0:openssh-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-askpass-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-cavs-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-clients-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-debugsource-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-keycat-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-ldap-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.aarch64", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.ppc64le", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.s390x", "BaseOS-8.1.0:openssh-server-debuginfo-0:8.0p1-3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-0:0.10.3-7.3.el8.x86_64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.aarch64", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.ppc64le", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.s390x", "BaseOS-8.1.0:pam_ssh_agent_auth-debuginfo-0:0.10.3-7.3.el8.x86_64", ], }, ], threats: [ { category: "impact", details: "Moderate", }, ], title: "openssh: Improper validation of object names allows malicious server to overwrite files via scp client", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.