[CLSA-2026:1774528630] openssh: Fix of 3 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-03-26 12:37:14 UTC
Description:
- CVE-2018-20685: fix a vulnerability in the scp client where a malicious server could bypass intended access restrictions and modify target directory permissions via crafted filenames
- CVE-2019-6109: fix the scp client, where a malicious server could manipulate the client's progress display output due to missing character encoding
- CVE-2019-6111: fix an scp client vulnerability that allowed a malicious server to overwrite arbitrary files in the client's target directory, including subdirectories, when performing transfers
Updated packages:
  • openssh-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:c7dc5bf9d8d408afce072d0fad3b48436a691d266a9eff9e4a50656e4d36759b
  • openssh-askpass-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:cabcc3cc6a8abb849e3b78b64fa13b813694d5a8e7dbce9152db57f2773650cf
  • openssh-cavs-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:ff94e6b0a3ef519ee34674681c74efa407857a51e8e96db7410514925c05dd18
  • openssh-clients-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:32ac4a032722117092fa7af36fa231c4599e93de45b34aa126e5b4455215cb1c
  • openssh-keycat-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:514534a9b958ac3d4151c102af44bf1dee11e9686b8a54a5e0c9356df7e6dd60
  • openssh-ldap-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:143ece639c77b5adc6d0e89b7b481414fd7c0c28aaaec1957ada7cc44eacbf69
  • openssh-server-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:056804c520937f7d58e5768db5a10a30158de54a203aa0a78f22d19c3eb371d3
  • openssh-server-sysvinit-7.4p1-23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:78c0ceaccb909a5d7aaa4e2553a8a68a8cf5e74a47bfd3aaace7eb9c5420887b
  • pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els3.i686.rpm
    sha:19d52075d0dd20c71f7a640eccb90799d494486e1d82232d3a5cdfd21e9085ea
  • pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els3.x86_64.rpm
    sha:999a52bcac2ecfe58ce01c8f7b682a6d2e868609a72c4cff7670333a48a0f737
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.