Release date:
2026-04-30 21:54:16 UTC
Description:
- CVE-2026-35386: fix client-side command execution via control characters
in usernames by adding iscntrl rejection to valid_ruser
Updated packages:
-
openssh-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:438047a0bd7fed7f0cf32411c1d7cb9e0d554be95051c888e56f0c8c075358ed
-
openssh-askpass-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:6cfa55a50fcf5e30f7221f359d1350358a04e1b9804f932db824a29337723e9e
-
openssh-cavs-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:c1d625a176d848409529a5bf4b1e630a12baf7786297c1aba8d1b8e0437056d5
-
openssh-clients-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:bcaba330c9333d4a3a06b563f6a3324ec6adf7cb1008d48032c155089361ebdf
-
openssh-keycat-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:9aa75d1cf5c6026d1b9f9d9d1ccf6529c0c8babcbec907e01081172dfe987c21
-
openssh-ldap-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:3eb2ff50715b3b22310cc0608ede9c4b0dba0530ad57f8ad8b1e5376090ccc40
-
openssh-server-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:3523e35e7f2aa7506f3d669c9c05062f07daa84025f76262572326e1cb534728
-
openssh-server-sysvinit-7.4p1-23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:ed63a7fa6be3ba0ab641fdcf297aefccaf425d5be25c907bf7d000afbc1f74a2
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els5.i686.rpm
sha:f4d7d0c501b840e9a03c2ebb1b22cb6a347c3f905f65138e4eb113fea2a7e801
-
pam_ssh_agent_auth-0.10.3-2.23.0.3.el7_9.tuxcare.els5.x86_64.rpm
sha:fe2b65a25f70175ea4e2736080dcf28dd9bea6704f5d7ba7ab742ae5061b0f7b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
