Jump to letter: [
7ABCDEFGHIJKLMNOPQRSTUVWXYZ
]
openssh-clients - An open source SSH client applications
- Description:
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.
Packages
| openssh-clients-8.0p1-13.aldos.x86_64
[641 KiB] |
Changelog
by Joel Barrios (2026-05-12):
- Sync parches with AlmaLinux.
- CVE-2026-35385: Fix privilege escalation via scp legacy protocol
when not in preserving file mode
Resolves: RHEL-164743
- CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode
multiplexing sessions
Resolves: RHEL-166240
- CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms
and HostbasedAcceptedAlgorithms with regard to ECDSA keys
Resolves: RHEL-166224
- CVE-2026-35414: Fix mishandling of authorized_keys principals option
Resolves: RHEL-166192
- CVE-2026-35386: Add validation rules to usernames and hostnames
set for ProxyJump/-J on the commandline
Resolves: RHEL-166208
- CVE-2026-3497: Fix information disclosure or denial of service due
to uninitialized variables in gssapi-keyex
Resolves: RHEL-155814
- CVE-2025-61984: Reject usernames with control characters
Resolves: RHEL-128400
- CVE-2025-61985: Reject URL-strings with NULL characters
Resolves: RHEL-128390
- Fix missing invalid error code checks in OpenSSH. It prevents
a MITM attack when VerifyHostKeyDNS is on (CVE-2025-26465)
Resolves: RHEL-109228
- Upstream: Ignore SIGPIPE earlier in main()
Resolves: RHEL-37743
- Providing a kill switch for scp to deal with CVE-2020-15778
Resolves: RHEL-22870
- Fix Terrapin attack
Resolves: RHEL-19308
- Fix Terrapin attack
Resolves: RHEL-19308
- Forbid shell metasymbols in username/hostname
Resolves: RHEL-19788
- Using DigestSign/DigestVerify functions for better FIPS compatibility
Resolves: RHEL-5217
- Limit artificial delays in sshd while login using AD user
Resolves: RHEL-1684
- Add comment to OpenSSH server config about FIPS-incompatible key
Resolves: RHEL-5221
- Avoid killing all processes on system in case of race condition
Resolves: RHEL-11548
- Avoid sshd_config 256K limit
Resolves: RHEL-5279
- Using DigestSign/DigestVerify functions for better FIPS compatibility
Resolves: RHEL-5217
- Fix GSS KEX causing ssh failures when connecting to WinSSHD
Resolves: RHEL-5321
Related: CVE-2023-38408
- Avoid remote code execution in ssh-agent PKCS#11 support
Resolves: CVE-2023-38408
- Fix parsing of IPv6 IPs in sftp client (#2151334)
- Avoid ssh banner one-byte overflow (#2138344)
- Avoid crash of sshd when Include folder does not exist (#2133087)
|