Severity:
('Important', [])
Release date:
2026-04-17 17:24:01 UTC
Description:
- CVE-2026-35387: correctly match ECDSA signature algorithms against
HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms
- CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask
and "ssh -O proxy ..."
- CVE-2026-35414: fix authorized_keys principals option matching to compare
comma-separated entries individually instead of using match_list
Updated packages:
-
openssh-8.7p1-45.el9.tuxcare.els3.x86_64.rpm
sha:c0fee67ecf245849bd2aa7555157769b00f43165a1d0072408ad1df02f70f162
-
openssh-askpass-8.7p1-45.el9.tuxcare.els3.x86_64.rpm
sha:a87b23ef9047470bdc7d9dfe5b71246cb4dafc513506be968c80bd913b127c50
-
openssh-clients-8.7p1-45.el9.tuxcare.els3.x86_64.rpm
sha:d4154ad96fb3c9ee306d8efbca15278b48034c40192054d8d7d4f86aa985a44b
-
openssh-keycat-8.7p1-45.el9.tuxcare.els3.x86_64.rpm
sha:3695ce3bcfef98f19280bfbeee321bf9063d26c4331b2da7dae550fa71e2669d
-
openssh-server-8.7p1-45.el9.tuxcare.els3.x86_64.rpm
sha:723d960e9b9cbcbb828bac971c079053ed58326b18c1f4c0509b8f5ee97970c2
-
openssh-sk-dummy-8.7p1-45.el9.tuxcare.els3.x86_64.rpm
sha:aab0f617afbdc668fef256a31924de8a1404dd2b0c8307d2709211d538e7eb78
-
pam_ssh_agent_auth-0.10.4-5.45.el9.tuxcare.els3.x86_64.rpm
sha:0fe676829b6fa249b2c6016673db67debd177599caf5323f7d6c6d9c5c188db1
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
