Release date:
2026-03-27 12:47:27 UTC
Description:
- CVE-2018-20685: fix a vulnerability scp client where a malicious server
could bypass intended access restrictions and modify target directory
permissions via crafted filenames
- CVE-2019-6109: fix scp client where a malicious server could manipulate
the client's progress display output due to missing character encoding
- CVE-2019-6111: fix scp client vulnerability that allowed a malicious
server to overwrite arbitrary files in the client's target directory,
including subdirectories, when performing transfers
Updated packages:
-
openssh-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:562777ade88cea50742424b5519c0c7cf2a4d39bc15311cc7c40e3ea6b3742d6
-
openssh-askpass-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:a5e4c51d7465df4a8d051e02ba603c2b70b6235ad57b188ac4aade5c3ae564e1
-
openssh-cavs-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:89da27e295c9dc22a5a849f8b21c99df18cc6a1565843d748d29eba45f9a8e3f
-
openssh-clients-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:445a660c8819109162f7b9d7948828a763a4d090524dc828fb1c7a432a9baf70
-
openssh-keycat-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:b037211967008dc975b16cbb7bfd9725b3a3f76887fb59fae6f85986cab65b7b
-
openssh-ldap-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:291894c1746cd5cbc2cd3b97bd1fe203691df9469dd0bc4baac20afa502c647d
-
openssh-server-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:38d96623eb7fa40cc305892af76570895d6f493b3a4838c21f81bf0a31b1fb43
-
openssh-server-sysvinit-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:641037061475724c98c68a483825cfde873bcf6fcd5b301d50ea496caa04a914
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els3.i686.rpm
sha:fd9d6b6c344c7596453dec45c40c8626384ef37ab25e4afbcf9f0caaa7bd862d
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els3.x86_64.rpm
sha:093e6721411227c29c3fe7f03e1b3467c7354aafcb5c32d479c1c24cf312e6e7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
