5 matches found
openssh security update
8.7p1-49.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug: 37647064 - Update upstream references Orabug: 36564626 8.7p1-49 - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in...
CLSA-2026-1776428482 openssh: Fix of 3 CVEs
CVE-2026-35387: correctly match ECDSA signature algorithms against HostKeyAlgorithms, PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms - CVE-2026-35388: add missing askpass check when using ControlMaster=ask/autoask and "ssh -O proxy ..." - CVE-2026-35414: fix authorizedkeys principals...
EUVD-2026-18402
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...
CVE-2026-35387
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...
CVE-2026-35387
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms...