Release date:
2026-03-13 14:36:13 UTC
Description:
* SECURITY UPDATE: unexpected SSH agent authentication during public-key SSH-
based transfers
- debian/patches/CVE-2025-15224.patch: Require private key or SSH agent for
public-key authentication; prevent attempted public-key auth when neither
private key nor agent present; fix missing check that allowed public-key
auth flag without key or agent.
- CVE-2025-15224
Updated packages:
-
curl_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb
sha:f148ee61a081965984267b3cec208dae862030ca
-
libcurl3-gnutls_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb
sha:2ccdb19ab804deea970e4e46633bd0669908f7d8
-
libcurl3-nss_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb
sha:377aef8f0d858b8d24a142269dda76417d4f3ecb
-
libcurl4_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb
sha:f91415b0ded3fcc42ba218e58d4e00eb8a1ac928
-
libcurl4-doc_7.58.0-2ubuntu3.24+tuxcare.els8_all.deb
sha:837a6c151ebbcc487ebc27cd86ece7830ad7d4fe
-
libcurl4-gnutls-dev_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb
sha:82d1fbca03794229a24e88fd96106106874d6b14
-
libcurl4-nss-dev_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb
sha:5533c97ee906a433384aa164c498ffeb54ea2c54
-
libcurl4-openssl-dev_7.58.0-2ubuntu3.24+tuxcare.els8_amd64.deb
sha:92bbefeecde0a58fcb7509c3207fbdd7510cff65
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
