Release date:
2026-05-05 02:12:52 UTC
Description:
* SECURITY UPDATE: authorized_keys principals="" option mismatches
certificate principals containing comma characters.
- debian/patches/CVE-2026-35414.patch: rewrite match_principals_option
to split principal_list with strsep() and compare with strcmp().
- CVE-2026-35414
Updated packages:
-
openssh-client_7.9p1-10+deb10u4+tuxcare.els4_amd64.deb
sha:ee1f3ed0a89c30d418fd6448d8797bd0bc37707b
-
openssh-server_7.9p1-10+deb10u4+tuxcare.els4_amd64.deb
sha:389c2da8b68379dfcbd6280e5096bfbd75d9ac6a
-
openssh-sftp-server_7.9p1-10+deb10u4+tuxcare.els4_amd64.deb
sha:e21f9d817630955ff509889c49a202cf64a21e7a
-
openssh-tests_7.9p1-10+deb10u4+tuxcare.els4_amd64.deb
sha:e08346cada0697cddc27484f02ef8ea1fbdf88ee
-
ssh_7.9p1-10+deb10u4+tuxcare.els4_all.deb
sha:99e17951c297433bff05b83a04b4704aab248839
-
ssh-askpass-gnome_7.9p1-10+deb10u4+tuxcare.els4_amd64.deb
sha:8f4ac84f812d18476f601d52cd57855ed45362d7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
