Severity:
('Important', ['ELSCVE-84059', 'ELSCVE-84057', 'ELSCVE-84055'])
Release date:
2026-04-17 12:21:26 UTC
Description:
- CVE-2026-35387: correctly match ECDSA signature algorithms against
HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms
- CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask
and "ssh -O proxy ..."
- CVE-2026-35414: fix authorized_keys principals option matching to compare
comma-separated entries individually instead of using match_list
Updated packages:
-
openssh-8.7p1-30.el9_2.tuxcare.els10.x86_64.rpm
sha:01a137b694897f1592f09a9c090b5fb760c845feff5d93c4b2d6597e61353d49
-
openssh-askpass-8.7p1-30.el9_2.tuxcare.els10.x86_64.rpm
sha:345bcfb64551a248e1500793ffabeaf988bcc7a3db38a56d774ec12b5d73361b
-
openssh-clients-8.7p1-30.el9_2.tuxcare.els10.x86_64.rpm
sha:a81339d0061a61ef02ba74086fc25b88f30d1daa336dd98f53549f405cb463b5
-
openssh-keycat-8.7p1-30.el9_2.tuxcare.els10.x86_64.rpm
sha:313475da22972b514fa2ab94c82afd9b1443b8aec963587d208c69fed4a05ace
-
openssh-server-8.7p1-30.el9_2.tuxcare.els10.x86_64.rpm
sha:f1a9cfa2b6a61adb3b3ca9a46038df199126e817b7c21eba52f9f2e350931a3a
-
openssh-sk-dummy-8.7p1-30.el9_2.tuxcare.els10.x86_64.rpm
sha:1d3a0aa5444aaf6e72e458c41db42a9f9ea47a13b9c16cc05c89d7c6baee9c7a
-
pam_ssh_agent_auth-0.10.4-5.30.el9_2.tuxcare.els10.x86_64.rpm
sha:cee2ac0c27d912d45f1ae7fff477a2e786a2784c3e49427c4bf28eeff8ed3fee
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
