6 matches found
openssh security update
7.4p1-23.0.5fips - Fix privilege escalation via scp legacy protocol when not in preserving file mode CVE-2026-35385Orabug: 39480251 7.4p1-23.0.3fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug: 32461739...
CLSA-2026-1777941033 openssh: Fix of CVE-2026-35385
Fix CVE-2026-35385...
ROOT-OS-DEBIAN-12-CVE-2026-35385 CVE-2026-35385 in rootio-openssh - Patched by Root
Root has patched CVE-2026-35385 in the rootio-openssh package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-35385 CVE-2026-35385 in rootio-openssh - Patched by Root
Root has patched CVE-2026-35385 in the rootio-openssh package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-35385 CVE-2026-35385 in rootio-openssh - Patched by Root
Root has patched CVE-2026-35385 in the rootio-openssh package for Root:Debian:13. Multiple fixed versions available...
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).
...