Release date:
2025-03-20 12:01:12 UTC
Description:
* SECURITY UPDATE: it's possible machine-in-the-middle attack vulnerability
caused by a malicious machine impersonating a legitimate server
- debian/patches/CVE-2025-26465.patch: Correct error code handling
- CVE-2025-26465
Updated packages:
-
openssh-client_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb
sha:70d74afc8a56f83a372686fb2e0f218a548c3e05
-
openssh-client-ssh1_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb
sha:c746d0b0a3c6937c5b1d471d5f77de058a34c0ad
-
openssh-server_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb
sha:44da2fe8dbfa219b8e10b292ca8d48eb1880701a
-
openssh-sftp-server_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb
sha:25e59fca151feb77e71be3f253831199d8405155
-
ssh_7.2p2-4ubuntu2.10+tuxcare.els7_all.deb
sha:909bb58297c5f0897ff6306e1230be731e5ba034
-
ssh-askpass-gnome_7.2p2-4ubuntu2.10+tuxcare.els7_amd64.deb
sha:cb6b90418c74648f18d2062628fc7947c5a6988f
-
ssh-krb5_7.2p2-4ubuntu2.10+tuxcare.els7_all.deb
sha:59ed760761623d5269b45dde37a31d143fb1e137
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
