{ "schema_version": "1.7.0", "id": "RHSA-2017:2029", "related": [], "upstream": [ "CVE-2016-6210", "CVE-2016-6515", "CVE-2016-10009", "CVE-2016-10011", "CVE-2016-10012", "CVE-2016-10708" ], "published": "2024-09-16T00:09:10Z", "modified": "2026-05-30T10:01:30Z", "summary": "Red Hat Security Advisory: openssh security, bug fix, and enhancement update", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "affected": [ { "package": { "name": "openssh", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-askpass", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-askpass" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-cavs", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-cavs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-clients", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-clients" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-debuginfo", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-keycat", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-keycat" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-ldap", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-ldap" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-server" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server-sysvinit", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/openssh-server-sysvinit" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "pam_ssh_agent_auth", "ecosystem": "Red Hat:enterprise_linux:7::client", "purl": "pkg:rpm/redhat/pam_ssh_agent_auth" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:0.10.3-1.11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-askpass", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-askpass" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-cavs", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-cavs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-clients", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-clients" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-debuginfo", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-keycat", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-keycat" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-ldap", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-ldap" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-server" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server-sysvinit", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/openssh-server-sysvinit" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "pam_ssh_agent_auth", "ecosystem": "Red Hat:enterprise_linux:7::computenode", "purl": "pkg:rpm/redhat/pam_ssh_agent_auth" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:0.10.3-1.11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-askpass", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-askpass" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-cavs", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-cavs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-clients", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-clients" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-debuginfo", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-keycat", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-keycat" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-ldap", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-ldap" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-server" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server-sysvinit", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/openssh-server-sysvinit" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "pam_ssh_agent_auth", "ecosystem": "Red Hat:enterprise_linux:7::server", "purl": "pkg:rpm/redhat/pam_ssh_agent_auth" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:0.10.3-1.11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-askpass", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-askpass" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-cavs", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-cavs" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-clients", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-clients" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-debuginfo", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-debuginfo" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-keycat", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-keycat" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-ldap", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-ldap" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-server" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "openssh-server-sysvinit", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/openssh-server-sysvinit" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:7.4p1-11.el7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "name": "pam_ssh_agent_auth", "ecosystem": "Red Hat:enterprise_linux:7::workstation", "purl": "pkg:rpm/redhat/pam_ssh_agent_auth" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "0:0.10.3-1.11.el7" } ], "type": "ECOSYSTEM" } ] } ], "references": [ { "type": "ADVISORY", "url": "https://access.redhat.com/errata/RHSA-2017:2029" }, { "type": "ARTICLE", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "type": "ARTICLE", "url": "https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/7.4_Release_Notes/index.html" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1357442" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1360973" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1364935" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1366400" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373835" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1375179" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1381997" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1396400" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1398569" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1402424" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406269" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406286" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1406293" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418062" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420910" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1438414" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1450361" }, { "type": "ADVISORY", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2029.json" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2016-6210" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6210" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6210" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2016-6515" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2016-6515" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6515" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2016-10009" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10009" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10009" }, { "type": "ARTICLE", "url": "https://www.openssh.com/txt/release-7.4" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2016-10011" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10011" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10011" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2016-10012" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10012" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10012" }, { "type": "REPORT", "url": "https://access.redhat.com/security/cve/CVE-2016-10708" }, { "type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537929" }, { "type": "ADVISORY", "url": "https://www.cve.org/CVERecord?id=CVE-2016-10708" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10708" } ] }