Please Install the Updated Packages.
OpenSSH is OpenBSD's Secure Shell (SSH) protocol implementation. These packages include the core files necessary for the OpenSSH client and server. A denial of service flaw was found in the OpenSSH GSSAPI authentication implementation. A remote, authenticated user could use this flaw to make the OpenSSH server daemon (sshd) use an excessive amount of memory, leading to a denial of service. GSSAPI authentication is enabled by default (" GSSAPIAuthentication yes" in " /etc/ssh/sshd_config" ). (CVE-2011-5000) These updated openssh packages also provide fixes for the following bugs: * SSH X11 forwarding failed if IPv6 was enabled and the parameter X11UseLocalhost was set to " no" . Consequently, users could not set X forwarding. This update fixes sshd and ssh to correctly bind the port for the IPv6 protocol. As a result, X11 forwarding now works as expected with IPv6. (BZ#732955) * The sshd daemon was killed by the OOM killer when running a stress test. Consequently, a user could not log in. With this update, the sshd daemon sets its oom_adj value to -17. As a result, sshd is not chosen by OOM killer and users are able to log in to solve problems with memory. (BZ#744236) * If the SSH server is configured with a banner that contains a backslash character, then the client will escape it with another " \" character, so it prints double backslashes. An upstream patch has been applied to correct the problem and the SSH banner is now correctly displayed. (BZ#809619) In addition, these updated openssh packages provide the following enhancements: * Previously, SSH allowed multiple ways of authentication of which only one was required for a successful login. SSH can now be set up to require multiple ways of authentication. For example, logging in to an SSH-enabled machine requires both a passphrase and a public key to be entered. The RequiredAuthentications1 and RequiredAuthentications2 options can be configured in the /etc/ssh/sshd_config file to specify authentications that are required for a successful login. For example, to set key and password authentication for SSH version 2, type: echo " RequiredAuthentications2 publickey,password" > > /etc/ssh/sshd_config For more information on the aforementioned /etc/ssh/sshd_config options, refer to the sshd_config man page. (BZ#657378) * Previously, OpenSSH could use the Advanced Encryption Standard New Instructions (AES-NI) instruction set only with the AES Cipher-block chaining (CBC) cipher. This update adds ... Description truncated, for more information please check the Reference URL
openssh on CentOS 6
Updated on 2015-03-25