Bug 4758 - 4.18内核openssh、openssl升级问题
Summary: 4.18内核openssh、openssl升级问题
Status: NEW
Alias: None
Product: Anolis OS 8
Classification: Anolis OS
Component: BaseOS Packages (show other bugs) BaseOS Packages
Version: 8.6
Hardware: x86_64 Linux
: P2-High S2-major
Target Milestone: ---
Assignee: Jacob
QA Contact: shuming
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-04-12 17:53 UTC by yz1025788177
Modified: 2023-04-12 17:58 UTC (History)
0 users

See Also:

Attachments
scp: Connection closed (28.10 KB, image/png)
2023-04-12 17:53 UTC, yz1025788177 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description yz1025788177 2023-04-12 17:53:36 UTC 
Created attachment 704 [details]
scp: Connection closed

Description of problem:

openssh-8.0p1-13.0.1版本存在 CVE-2019-16905、CVE-2020-15778、CVE-2021-41617、CVE-2020-14145、CVE-2016-20012 等漏洞,需要进行打补丁或升级至openssh最新版本,升级至openssh9.3p1 最新版本存在问题。
openssl-1.1.1k-6 目前没有被扫出漏洞,但测试升级至openssl1.1.1t最新存在问题。

Version-Release number of selected component (if applicable):

openssh-8.0p1-13.0.1
openssl-1.1.1k-6

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:

openssh升级9.3p1后使用scp命令报错,服务状态及SSH连接正常

/etc/crypto-policies/back-ends/openssh.config: line 3: Bad configuration option: gssapikexalgorithms
/etc/crypto-policies/back-ends/openssh.config: terminating, 1 bad configuration options
scp: Connection closed

openssl 升级至1.1.1t版本后无法正常登录系统,ssh、yum等软件无法使用

Expected results:


Additional info: