ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

Release Info

Advisory: CLSA-2026:1767955216

OS: TuxCare 9.6 ESU

Public date: 2026-01-09 10:40:18.073547

Project: openssh

Version: 8.7p1-45.el9.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1767955216.html

Changelog

- CVE-2025-61984: fix username handling by rejecting control characters from untrusted sources to prevent ProxyCommand code execution - CVE-2025-61985: disallowed NUL characters in ssh:// URI parsing to prevent ProxyCommand-based code execution

Update

Update command: dnf update openssh*

Packages list

openssh-8.7p1-45.el9.tuxcare.els1.x86_64.rpm openssh-askpass-8.7p1-45.el9.tuxcare.els1.x86_64.rpm openssh-clients-8.7p1-45.el9.tuxcare.els1.x86_64.rpm openssh-keycat-8.7p1-45.el9.tuxcare.els1.x86_64.rpm openssh-server-8.7p1-45.el9.tuxcare.els1.x86_64.rpm openssh-sk-dummy-8.7p1-45.el9.tuxcare.els1.x86_64.rpm pam_ssh_agent_auth-0.10.4-5.45.el9.tuxcare.els1.x86_64.rpm

CVEs

CVE-2025-61984

CVE-2025-61985