Advisory: CLSA-2026:1767954480
OS: AlmaLinux 9.2 ESU
Public date: 2026-01-09 10:28:02.183634
Project: openssh
Version: 8.7p1-30.el9_2.tuxcare.els9
Errata link: https://errata.tuxcare.com/els_os/almalinux9.2esu/CLSA-2026-1767954480.html
- CVE-2025-61984: fix username handling by rejecting control characters from untrusted sources to prevent ProxyCommand code execution - CVE-2025-61985: disallowed NUL characters in ssh:// URI parsing to prevent ProxyCommand-based code execution
Update command: dnf update openssh*
openssh-8.7p1-30.el9_2.tuxcare.els9.x86_64.rpm openssh-askpass-8.7p1-30.el9_2.tuxcare.els9.x86_64.rpm openssh-clients-8.7p1-30.el9_2.tuxcare.els9.x86_64.rpm openssh-keycat-8.7p1-30.el9_2.tuxcare.els9.x86_64.rpm openssh-server-8.7p1-30.el9_2.tuxcare.els9.x86_64.rpm openssh-sk-dummy-8.7p1-30.el9_2.tuxcare.els9.x86_64.rpm pam_ssh_agent_auth-0.10.4-5.30.el9_2.tuxcare.els9.x86_64.rpm