[CLSA-2026:1779118278] openssh: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-19 00:16:02 UTC
Description:
9.3_p2.tuxcare.els1-r0: - CVE-2026-35385 clear setuid/setgid bits when scp downloads files without -p - CVE-2026-35386 reject shell metacharacters in remote username on commandline - CVE-2026-35414 fix authorized_keys principals option matching when a certificate principal contains a comma
Updated packages:
  • openssh-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1er1DKVaNYnYydHXS4Oxv36UAeZA=
  • openssh-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1szix6ccn8bmESmszXBomMqs6UrY=
  • openssh-client-common-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1lY1SmacTk9p6wQGZqeaPyQsnlf4=
  • openssh-client-common-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q11BrXGv3yQMXsUu3uzOIbrabKW5Q=
  • openssh-client-default-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1J8PuKm2fWZ7ISG9bCXEtJinXFWY=
  • openssh-client-default-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1p8AcbxeaIb2CbQ4nxF1okgyy2yk=
  • openssh-client-krb5-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1l+NK7yFwkoGspAl93xPFtIBNMKg=
  • openssh-client-krb5-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1OLpflSxTCNXGTRml5MU0EH6fssw=
  • openssh-doc-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q16RLA3U1iqid1C7bopMCv+SjWB3E=
  • openssh-doc-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1u7jYFNY0OGWnLMFNC6hH269Pw1A=
  • openssh-keygen-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q12A42MKMuNACnC1+OKfNNlr8U9zo=
  • openssh-keygen-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1+N4aaGxcNLFxjbfvxuUiBtsoo4Y=
  • openssh-keysign-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1bFXEc5bvulgB/brWKOy5fORHNug=
  • openssh-keysign-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1pWEm+2uXxSUqTt0dDeZCSCcrXKk=
  • openssh-server-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1IlAC/U8AA53ATAOJA41+rTQz3KM=
  • openssh-server-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1Gj1ccicPRKT5wjmixVVhN2u0oOY=
  • openssh-server-common-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1ZO5N7GnUXsWU82pDi8Fsp+9GT7g=
  • openssh-server-common-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1FYLiKNzrBN95NFhOyJKP2QnGo70=
  • openssh-server-krb5-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1yBOq2HGD84cY1mmwQrQgnA4Kndo=
  • openssh-server-krb5-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1tM5VBLNvubM3ScUxduqtxNxswh4=
  • openssh-server-pam-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q19k8PhsveH5ak5BcJJzk7+K+DgXk=
  • openssh-server-pam-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1rFrmhFvZUYqhaegHkr8xu7TVe4U=
  • openssh-sftp-server-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1bAzsn25c/cCpHEyGX2PfxFC5Qx4=
  • openssh-sftp-server-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1HmZbmfWUYo8ybxa8Wd7ya4vcsbo=
  • openssh-sk-helper-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1/YxyqXZKWjBqmlvJj09KaEtkVfU=
  • openssh-sk-helper-9.3_p2.tuxcare.els1-rr0.apk
    sha:Q1MUiGNdeLDyz3FADjqEmfpU9fvcI=
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.