[CLSA-2026:1778489206] openssh: Fix of 2 CVEs
Type: security
Severity: Important
Release date: 2026-05-11 08:46:50 UTC
Description:
- Rebase onto Amazon Linux 2 7.4p1-22.amzn2.0.12 (ALAS2-2026-3262 / CVE-2026-35385) so the TuxCare ELS package is not superseded by the upstream security update
- CVE-2026-35414: rewrite match_principals_option() to split the authorized_keys principals="" list with strsep() and exact-match each entry against cert->principals[i], so that certificate principals containing comma characters are matched correctly
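The matching approach described for CVE-2026-35414, sketched as an added example; it is not the OpenSSH or TuxCare patch. The names struct cert_principals and principals_option_matches() are hypothetical, and the principal strings are constructed.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE	/* expose strsep() on glibc */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the certificate's principals array. */
struct cert_principals {
	const char **principals;
	size_t nprincipals;
};

/*
 * Return 1 if an entry of the comma-separated principals="" option equals a
 * certificate principal byte for byte, 0 if none does, -1 on allocation
 * failure. Only the option string is split; certificate principals are not.
 */
static int
principals_option_matches(const char *option_list, const struct cert_principals *cert)
{
	char *copy, *cursor, *entry;
	size_t i;
	int found = 0;

	if ((copy = strdup(option_list)) == NULL)
		return -1;
	cursor = copy;	/* strsep() advances cursor and writes NULs into copy */
	while (!found && (entry = strsep(&cursor, ",")) != NULL) {
		if (*entry == '\0')
			continue;	/* empty entry such as "a,,b" matches nothing */
		for (i = 0; i < cert->nprincipals; i++) {
			if (strcmp(entry, cert->principals[i]) == 0) {
				found = 1;
				break;
			}
		}
	}
	free(copy);
	return found;
}

int main(void)
{
	const char *names[] = { "deploy,root" };	/* constructed sample */
	struct cert_principals cert = { names, 1 };
	printf("%d\n", principals_option_matches("root,admin", &cert));
	return 0;
}
```

A certificate principal that itself contains a comma is compared as a single string, so it cannot satisfy an option entry that equals only one of its comma-separated parts.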
Updated packages:
  • openssh-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:b267ee01afdf103d3593f8a3b22d29cb8bd63de0fbd5c40f7004cf5269603f41
  • openssh-askpass-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:168e612815a959564fc0db70c84ac660f483f0e3de9ebc46f74140a35e6e9ee3
  • openssh-cavs-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:f211dab5f052bad9751cdeea97b4f1113705a21f6dfe19ab556fb876b909e58e
  • openssh-clients-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:dbdfa99021e5d053f6e8cfab1227fdefc6b56d75fa06a8c181986f38b0d909e0
  • openssh-keycat-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:26b30e69efbc55c5ade5cbc0a5451d9c961fc9e2737b64c89499572270a89f42
  • openssh-ldap-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:f5ae62fb33461dfa5eb37c20e151b5c64b71a68ea42e5dcc3c2f0b2595126815
  • openssh-server-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:b22908aeea59a2bda1bb9fb614fc3c04b6883d92ae31e483e1bf143a4d6cef88
  • openssh-server-sysvinit-7.4p1-22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:a0d3f9b7a7c390180c496bd63a05203fa10ce69455a2e152532fb74bc8e2d615
  • pam_ssh_agent_auth-0.10.3-2.22.amzn2.0.12.tuxcare.els1.x86_64.rpm
    sha:30c5eb788ac9dd8cbd369e0ce938590ccb9502f3c375291a48025245696d2da7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.