Release date:
2026-05-06 07:06:33 UTC
Description:
- CVE-2026-35386: fix client-side command execution via control characters
in usernames by adding iscntrl rejection to valid_ruser
Updated packages:
-
openssh-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:d0f9af4a340d0b031e8c96f02ec95de81a26161cfc46f2802f8d38b4af1be07b
-
openssh-askpass-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:f17c4d325d68793e7451c6eb45d009e48a5050341c7d5b32b6528728801b1dce
-
openssh-cavs-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:ec41c7c7bba1bb285b63d29db40cfb7a243b8cc990e9e4c6d59c101f8c2fe5c8
-
openssh-clients-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:9769566180037a3715042e280cf8e32cabb72b706d06817aa3eb6d2aede56979
-
openssh-keycat-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:972fccabe673fba2c94653d8beee8acd5b775836a561b49527cd40017a4122e5
-
openssh-ldap-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:a10fc2a1fbd2f1594b884d9e028ed5f69c90b8fa8874787a86c7479f7b2760db
-
openssh-server-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:db8d2c4cd5b1453c9164c5cec97a9ff88a8d8294b3af4302f81430477b86b1a6
-
openssh-server-sysvinit-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:4e0921a898f4067080fd2b99c41e48699b3cd68647aa74cd2df22922bb2413d8
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els5.i686.rpm
sha:3a9aafbc7118b17a4adf67b36d2cd008bba6f7cde131324d1acc38c64bc83996
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:a18d295b11e1699ea0c205c6f83dbe9ca250dc3f81d33a5e35469788cd4edf21
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
