Release date:
2026-05-27 13:31:45 UTC
Description:
- CVE-2025-4877: prevent integer overflow and potential out-of-bounds
write in base64 decoder by capping input length to 256MB
- CVE-2025-8277: adjust packet filter to work correctly when DH-GEX is
guessed wrongly
- CVE-2026-0965: refuse non-regular and over-sized configuration files
in libssh config and known_hosts readers
Updated packages:
-
libssh-0.10.4-8.el9_2.tuxcare.els12.i686.rpm
sha:d78e57a7447fcaa0154275715987831850d91baa7440f344a5e208c6b708e39d
-
libssh-0.10.4-8.el9_2.tuxcare.els12.x86_64.rpm
sha:f431fedab8185ceccabe0fd0b20f9d358389b74653320a614c57ac99d4bdaa5e
-
libssh-config-0.10.4-8.el9_2.tuxcare.els12.noarch.rpm
sha:d8f53bb3ea7f2ebdc8db295e37246914c3891ca733a785999a3eca8781c762de
-
libssh-devel-0.10.4-8.el9_2.tuxcare.els12.i686.rpm
sha:848b0c42594d9180e79f550ce93862fa45e1fee547f433b4260dbe8e22330664
-
libssh-devel-0.10.4-8.el9_2.tuxcare.els12.x86_64.rpm
sha:68853b2a1581c0ff7076862defdd7deb277627f4f7788be1571f13c88fc9245b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
