Release date:
2026-05-05 03:08:58 UTC
Description:
- CVE-2026-3497: fix information disclosure / DoS in GSSAPI key exchange by
initialising gssbuf, recv_tok, msg_tok to GSS_C_EMPTY_BUFFER and replacing
non-terminating sshpkt_disconnect() with ssh_packet_disconnect() in
kexgssc.c / kexgsss.c
Updated packages:
-
openssh-8.7p1-30.el9_2.tuxcare.els12.x86_64.rpm
sha:a6627d0aedee3bfe6f8db3d7f346cd38db305146986cfbb894b7f748ad4a3201
-
openssh-askpass-8.7p1-30.el9_2.tuxcare.els12.x86_64.rpm
sha:320140a62d3e21a90a3424f6a57b08c3b49eed715eb346f29050c3262a33903d
-
openssh-clients-8.7p1-30.el9_2.tuxcare.els12.x86_64.rpm
sha:445251446c19ee1a21e02d3ce0ff8b867ee9018f95eb0e65b3bf1f0da1824dee
-
openssh-keycat-8.7p1-30.el9_2.tuxcare.els12.x86_64.rpm
sha:36f2dad23b3d1c23fde403213cb4729e8d86d4b36cb14a0be5c0be67c4c02479
-
openssh-server-8.7p1-30.el9_2.tuxcare.els12.x86_64.rpm
sha:84409db4b70fa15f51f8339325490d2ea3e618c37400c0c3a9fa3eda64bd937f
-
openssh-sk-dummy-8.7p1-30.el9_2.tuxcare.els12.x86_64.rpm
sha:e2903909684047f00b5b52c965cb7d9434404075130afe287cfcc3a7d9625dfd
-
pam_ssh_agent_auth-0.10.4-5.30.el9_2.tuxcare.els12.x86_64.rpm
sha:c5cbd54611ba2b193b4a325090fba0fa64ed1db837837a99855f8b730b2e98f0
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
