Vulnerability Database
Blog
FAQ
Docs
RHSA-2019:3702
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2019:3702
Import Source
https://security.access.redhat.com/data/osv/RHSA-2019:3702.json
JSON Data
https://api.osv.dev/v1/vulns/RHSA-2019:3702
Related
CVE-2018-20685
CVE-2019-6109
CVE-2019-6111
Published
2024-09-16T02:36:25Z
Modified
2024-11-22T13:21:50Z
Severity
5.3 (Medium)
CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
CVSS Calculator
Summary
Red Hat Security Advisory: openssh security, bug fix, and enhancement update
Details
References
https://access.redhat.com/errata/RHSA-2019:3702
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.1_release_notes/
https://bugzilla.redhat.com/show_bug.cgi?id=1665785
https://bugzilla.redhat.com/show_bug.cgi?id=1666119
https://bugzilla.redhat.com/show_bug.cgi?id=1666127
https://bugzilla.redhat.com/show_bug.cgi?id=1667519
https://bugzilla.redhat.com/show_bug.cgi?id=1668325
https://bugzilla.redhat.com/show_bug.cgi?id=1683295
https://bugzilla.redhat.com/show_bug.cgi?id=1685096
https://bugzilla.redhat.com/show_bug.cgi?id=1686065
https://bugzilla.redhat.com/show_bug.cgi?id=1691045
https://bugzilla.redhat.com/show_bug.cgi?id=1707485
https://bugzilla.redhat.com/show_bug.cgi?id=1712436
https://bugzilla.redhat.com/show_bug.cgi?id=1732424
https://bugzilla.redhat.com/show_bug.cgi?id=1732449
https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3702.json
https://access.redhat.com/security/cve/CVE-2018-20685
https://www.cve.org/CVERecord?id=CVE-2018-20685
https://nvd.nist.gov/vuln/detail/CVE-2018-20685
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
https://access.redhat.com/security/cve/CVE-2019-6109
https://www.cve.org/CVERecord?id=CVE-2019-6109
https://nvd.nist.gov/vuln/detail/CVE-2019-6109
https://access.redhat.com/security/cve/CVE-2019-6111
https://www.cve.org/CVERecord?id=CVE-2019-6111
https://nvd.nist.gov/vuln/detail/CVE-2019-6111
Affected packages
Red Hat:enterprise_linux:8::appstream
/
openssh
Package
Name
openssh
Purl
pkg:rpm/redhat/openssh
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-askpass
Package
Name
openssh-askpass
Purl
pkg:rpm/redhat/openssh-askpass
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-askpass-debuginfo
Package
Name
openssh-askpass-debuginfo
Purl
pkg:rpm/redhat/openssh-askpass-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-cavs
Package
Name
openssh-cavs
Purl
pkg:rpm/redhat/openssh-cavs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-cavs-debuginfo
Package
Name
openssh-cavs-debuginfo
Purl
pkg:rpm/redhat/openssh-cavs-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-clients
Package
Name
openssh-clients
Purl
pkg:rpm/redhat/openssh-clients
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-clients-debuginfo
Package
Name
openssh-clients-debuginfo
Purl
pkg:rpm/redhat/openssh-clients-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-debuginfo
Package
Name
openssh-debuginfo
Purl
pkg:rpm/redhat/openssh-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-debugsource
Package
Name
openssh-debugsource
Purl
pkg:rpm/redhat/openssh-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-keycat
Package
Name
openssh-keycat
Purl
pkg:rpm/redhat/openssh-keycat
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-keycat-debuginfo
Package
Name
openssh-keycat-debuginfo
Purl
pkg:rpm/redhat/openssh-keycat-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-ldap
Package
Name
openssh-ldap
Purl
pkg:rpm/redhat/openssh-ldap
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-ldap-debuginfo
Package
Name
openssh-ldap-debuginfo
Purl
pkg:rpm/redhat/openssh-ldap-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-server
Package
Name
openssh-server
Purl
pkg:rpm/redhat/openssh-server
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
openssh-server-debuginfo
Package
Name
openssh-server-debuginfo
Purl
pkg:rpm/redhat/openssh-server-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::appstream
/
pam_ssh_agent_auth
Package
Name
pam_ssh_agent_auth
Purl
pkg:rpm/redhat/pam_ssh_agent_auth
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.10.3-7.3.el8
Red Hat:enterprise_linux:8::appstream
/
pam_ssh_agent_auth-debuginfo
Package
Name
pam_ssh_agent_auth-debuginfo
Purl
pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.10.3-7.3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh
Package
Name
openssh
Purl
pkg:rpm/redhat/openssh
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-askpass
Package
Name
openssh-askpass
Purl
pkg:rpm/redhat/openssh-askpass
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-askpass-debuginfo
Package
Name
openssh-askpass-debuginfo
Purl
pkg:rpm/redhat/openssh-askpass-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-cavs
Package
Name
openssh-cavs
Purl
pkg:rpm/redhat/openssh-cavs
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-cavs-debuginfo
Package
Name
openssh-cavs-debuginfo
Purl
pkg:rpm/redhat/openssh-cavs-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-clients
Package
Name
openssh-clients
Purl
pkg:rpm/redhat/openssh-clients
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-clients-debuginfo
Package
Name
openssh-clients-debuginfo
Purl
pkg:rpm/redhat/openssh-clients-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-debuginfo
Package
Name
openssh-debuginfo
Purl
pkg:rpm/redhat/openssh-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-debugsource
Package
Name
openssh-debugsource
Purl
pkg:rpm/redhat/openssh-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-keycat
Package
Name
openssh-keycat
Purl
pkg:rpm/redhat/openssh-keycat
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-keycat-debuginfo
Package
Name
openssh-keycat-debuginfo
Purl
pkg:rpm/redhat/openssh-keycat-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-ldap
Package
Name
openssh-ldap
Purl
pkg:rpm/redhat/openssh-ldap
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-ldap-debuginfo
Package
Name
openssh-ldap-debuginfo
Purl
pkg:rpm/redhat/openssh-ldap-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-server
Package
Name
openssh-server
Purl
pkg:rpm/redhat/openssh-server
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
openssh-server-debuginfo
Package
Name
openssh-server-debuginfo
Purl
pkg:rpm/redhat/openssh-server-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:8.0p1-3.el8
Red Hat:enterprise_linux:8::baseos
/
pam_ssh_agent_auth
Package
Name
pam_ssh_agent_auth
Purl
pkg:rpm/redhat/pam_ssh_agent_auth
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.10.3-7.3.el8
Red Hat:enterprise_linux:8::baseos
/
pam_ssh_agent_auth-debuginfo
Package
Name
pam_ssh_agent_auth-debuginfo
Purl
pkg:rpm/redhat/pam_ssh_agent_auth-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.10.3-7.3.el8
RHSA-2019:3702 - OSV