Release date:
2026-05-05 21:04:40 UTC
Description:
- CVE-2026-35386: fix client-side command execution via control characters
in usernames by adding iscntrl rejection to valid_ruser
Updated packages:
-
openssh-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:8428cb0e802d90b66e883dc4a5ffdc2dd6aa960c5dff475e549e239a86d9c344
-
openssh-askpass-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:c4dd69b36453690f3cd73356885954ee7d1500feb0869cd17516ef7cdebf9a62
-
openssh-cavs-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:1816dfe0a0669579916d3b00bf636cf5c1989e061120a5102c74ea097dc03fef
-
openssh-clients-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:1751071ea691d21050454fd305ec5877af57d33cd82dbc989b6db2035e800050
-
openssh-keycat-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:39c43ca6771ee7f512457d1d28a76d60b0ac88a08e4cb7f9bf2e386136ef46af
-
openssh-ldap-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:69d3ac01564f414f173945a6aa24441dbe1f2ebbc824d9fcb732ed26183de4f9
-
openssh-server-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:95b87093b95c7a0d3b80b18d8153b67c8d0a107f121bb750f24de6eb3f646d58
-
openssh-server-sysvinit-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:1d7d531efbd05031ca321cca99185ebada10ddc729278c8ea821c41f7df494d3
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els5.i686.rpm
sha:17bfb3c684e07245255d5fcba8ad3f05337847f27867600758e637fd9e78e013
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:5b9c9df1b0f69ee6f6ea3c0c961145159593083b0034b3d5c77bdaba016b6edb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
