银河麒麟V10系统openssh漏洞修复
1. 修复的CVE信息:
CVE-2018-15919
描述:OpenSSH(OpenBSD Secure Shell)是OpenBSD计划组的⼀套⽤于安全访问远程计算机的连接⼯具。该⼯具是SSH协议的开源实现,⽀持对所有的传输进⾏加密,可有效阻⽌窃听、连接劫持以及其他⽹络级的攻击。OpenSSH CVE-2020-12062
描述:OpenSSH(OpenBSD Secure Shell)是OpenBSD计划组的⼀套⽤于安全访问远程计算机的连接⼯具。该⼯具是SSH协议的开源实现,⽀持对所有的传输进⾏加密,可有效阻⽌窃听、连接劫持以及其他⽹络级的攻击。OpenSSH
2. 受影响的操作系统:
银河麒麟⾼级服务器操作系统V10(SP1)
3. 修复版本
银河麒麟⾼级服务器操作系统V10(SP1):openssh-8.2p1-9.p02.ky10
4. 受影响的软件包
银河麒麟⾼级服务器操作系统V10(SP1)
x86_64:
openssh-8.2p1-9.p02.ky10.x86_64.rpm
openssh-askpass-8.2p1-9.p02.ky10.x86_64.rpm
openssh-cavs-8.2p1-9.p02.ky10.x86_64.rpm
openssh-clients-8.2p1-9.p02.ky10.x86_64.rpm
openssh-keycat-8.2p1-9.p02.ky10.x86_64.rpm
openssh-ldap-8.2p1-9.p02.ky10.x86_64.rpm
openssh-server-8.2p1-9.p02.ky10.x86_64.rpm
pam_ssh_agent_auth-0.10.3-9.9.p02.ky10.x86_64.rpm
aarch64:
openssh-8.2p1-9.p02.ky10.aarch64.rpm openssh-askpass-8.2p1-9.p02.ky10.aarch64.rpm
openssh-cavs-8.2p1-9.p02.ky10.aarch64.rpm
openssh-clients-8.2p1-9.p02.ky10.aarch64.rpm
openssh-keycat-8.2p1-9.p02.ky10.aarch64.rpm
openssh-ldap-8.2p1-9.p02.ky10.aarch64.rpm
openssh-server-8.2p1-9.p02.ky10.aarch64.rpm
pam_ssh_agent_auth-0.10.3-9.9.p02.ky10.aarch64.rpm
mips64el:
openssh-8.2p1-9.p02.ky10.mips64el.rpm
openssh-askpass-8.2p1-9.p02.ky10.mips64el.rpm
openssh-cavs-8.2p1-9.p02.ky10.mips64el.rpm
openssh-clients-8.2p1-9.p02.ky10.mips64el.rpm
openssh-keycat-8.2p1-9.p02.ky10.mips64el.rpm
openssh-ldap-8.2p1-9.p02.ky10.mips64el.rpm openssh-server-8.2p1-9.p02.ky10.mips64el.rpm
pam_ssh_agent_auth-0.10.3-9.9.p02.ky10.mips64el.rpm
5.修复⽅法
⽅法⼀:配置源进⾏升级安装
1)打开软件包源配置⽂件,根据仓库地址进⾏修改
银河麒麟⾼级服务器操作系统V10(SP1)
仓库源地址:aarch64:update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/
x86_64:update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/ssh工具安卓下载
mips64el:update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/
2)配置完成后执⾏更新命令进⾏升级,命令如下:yum update openssh
⽅法⼆:下载安装包进⾏升级安装
通过软件包地址下载软件包,使⽤软件包升级命令根据受影响的软件包列表进⾏升级安装,命令如下:rpm -Uvh Packagelists
6. 软件包下载地址
银河麒麟⾼级服务器操作系统V10(SP1):
Openssh X86_64软件包下载地址:
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/openssh-8.2p1-9.p02.ky10.x86_64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/openssh-askpass-8.2p1-9.p02.ky10.x86_64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/openssh-cavs-8.2p1-9.p02.ky10.x86_64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/openssh-clients-8.2p1-9.p02.ky10.x86_64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/openssh-keycat-8.2p1-9.p02.ky10.x86_64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/openssh-ldap-8.2p1-9.p02.ky10.x86_64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/openssh-server-8.2p1-9.p02.ky10.x86_64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/x86_64/Packages/pam_ssh_agent_auth-0.10.3-9.9.p02.ky10.x86_64.rpm
Openssh aarch64软件包下载地址:
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/openssh-8.2p1-9.p02.ky10.aarch64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/openssh-askpass-8.2p1-9.p02.ky10.aarch64.rpm update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/openssh-cavs-8.2p1-9.p02.ky10.aarch64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/openssh-clients-8.2p1-9.p02.ky10.aarch64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/openssh-keycat-8.2p1-9.p02.ky10.aarch64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/openssh-ldap-8.2p1-9.p02.ky10.aarch64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/openssh-server-8.2p1-9.p02.ky10.aarch64.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/aarch64/Packages/pam_ssh_agent_auth-0.10.3-9.9.p02.ky10.aarch64.rpm Openssh mips64el软件包下载地址:
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/openssh-8.2p1-9.p02.ky10.mips64el.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/openssh-askpass-8.2p1-9.p02.ky10.mips64el.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/openssh-cavs-8.2p1-9.p02.ky10.mips64el.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/openssh-clients-8.2p1-9.p02.ky10.mips64el.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/openssh-keycat-8.2p1-9.p02.ky10.mips64el.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/openssh-ldap-8.2p1-9.p02.ky10.mips64el.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/openssh-server-8.2p1-9.p02.ky10.mips64el.rpm
update.cs2c:8080/NS/V10/V10SP1/os/adv/lic/updates/mips64el/Packages/pam_ssh_agent_auth-0.10.3-9.9.p02.ky10.mips64el.rpm
通过下载相关软件,上传服务器,进⾏rpm更新升级。
版权声明:本站内容均来自互联网,仅供演示用,请勿用于商业和其他非法用途。如果侵犯了您的权益请与我们联系QQ:729038198,我们将在24小时内删除。
发表评论