<div class="container">
<h1>Recommended update for openssh</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-RU-2024:1366-2</td>
</tr>
<tr>
<th>Rating:</th>
<td>moderate</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216474">bsc#1216474</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218871">bsc#1218871</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221123">bsc#1221123</a>
</li>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222831">bsc#1222831</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">SUSE Linux Enterprise Micro 5.5</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that has four fixes can now be installed.</p>
<h2>Description:</h2>
<p>This update for openssh fixes the following issues:</p>
<ul>
<li>Fix hostbased ssh login failing occasionally with "signature
unverified: incorrect signature" by fixing a typo in patch (bsc#1221123)</li>
<li>Avoid closing IBM Z crypto devices nodes. (bsc#1218871)</li>
<li>
<p>Allow usage of IBM Z crypto adapter cards in seccomp filters (bsc#1216474)</p>
</li>
<li>
<p>Change the default value of UpdateHostKeys to Yes (unless
VerifyHostKeyDNS is enabled).</p>
</li>
</ul>
<p>This makes ssh update the known_hosts stored keys with all published
versions by the server (after it's authenticated with an existing
key), which will allow to identify the server with a different key if
the existing key is considered insecure at some point in the future
(bsc#1222831).</p>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Linux Enterprise Micro 5.5
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-5.5-2024-1366=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
<ul>
<li>openssh-common-8.4p1-150300.3.37.1</li>
<li>openssh-debuginfo-8.4p1-150300.3.37.1</li>
<li>openssh-server-8.4p1-150300.3.37.1</li>
<li>openssh-8.4p1-150300.3.37.1</li>
<li>openssh-clients-debuginfo-8.4p1-150300.3.37.1</li>
<li>openssh-debugsource-8.4p1-150300.3.37.1</li>
<li>openssh-server-debuginfo-8.4p1-150300.3.37.1</li>
<li>openssh-clients-8.4p1-150300.3.37.1</li>
<li>openssh-fips-8.4p1-150300.3.37.1</li>
<li>openssh-common-debuginfo-8.4p1-150300.3.37.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1216474">https://bugzilla.suse.com/show_bug.cgi?id=1216474</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1218871">https://bugzilla.suse.com/show_bug.cgi?id=1218871</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1221123">https://bugzilla.suse.com/show_bug.cgi?id=1221123</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1222831">https://bugzilla.suse.com/show_bug.cgi?id=1222831</a>
</li>
</ul>
</div>