[CLSA-2026:1778602690] Fix CVE(s): CVE-2026-7598

Type:

security

Severity:

Critical

Release date:

2026-05-12 16:18:15 UTC

Description:

   * SECURITY UPDATE: fix integer overflow in username_len bounds checks across userauth_list, userauth_password and password change paths in src/userauth.c
     - debian/patches/CVE-2026-7598.patch: fix integer overflow in username_len bounds checks across userauth_list, userauth_password and password change paths in src/userauth.c
     - CVE-2026-7598

Updated packages:

libssh2-1_1.5.0-2ubuntu0.1+tuxcare.els5_amd64.deb
sha:abf892cca282709ea6c76e6494a804e26f8c0456
libssh2-1-dev_1.5.0-2ubuntu0.1+tuxcare.els5_amd64.deb
sha:9cea08287ff39f3b375f097b2b9eb87705e94818

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.