[CLSA-2026:1779467653] libssh: Fix of 4 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-05-22 16:34:17 UTC
Description:
- CVE-2025-4877: prevent base64 integer overflow and potential OOB write
- CVE-2025-4878: initialize stack pointers to mitigate use of uninitialized values in legacy privatekey_from_file() path
- CVE-2025-8277: fix DH-GEX packet filter and free unused ephemeral / ECDH keys to prevent memory exhaustion
- CVE-2026-0965: skip non-regular and oversized configuration / known_hosts files to avoid local DoS
Updated packages:
  • libssh-0.10.4-15.el9_6.tuxcare.els8.i686.rpm
    sha:f6730e9dce4fab48fead272aee165b0e0b070796be6fea418c0f0bc4aefa67fb
  • libssh-0.10.4-15.el9_6.tuxcare.els8.x86_64.rpm
    sha:20c8f1c2b5880673336e9452b2e5981bcadd854a00fef46ad63a51f76655355b
  • libssh-config-0.10.4-15.el9_6.tuxcare.els8.noarch.rpm
    sha:ffb15518d583492febb24888af2a57f53d22edc9a5d6d980064b6d3a6c4447e3
  • libssh-devel-0.10.4-15.el9_6.tuxcare.els8.i686.rpm
    sha:9b095806366174b17c4ccc22ab29bf1c65a14a4a2e02305ea81c9119eef5a989
  • libssh-devel-0.10.4-15.el9_6.tuxcare.els8.x86_64.rpm
    sha:af4601a022353acfe5291247fad44b28ad3d368fd60ba837250fa2e316cf8c9b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.