| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: openssh | Distribution: CentOS |
| Version: 9.9p1 | Vendor: CentOS |
| Release: 9.el9 | Build date: Fri Jun 26 15:16:27 2026 |
| Group: Unspecified | Build host: aarch64-06.stream.rdu2.redhat.com |
| Size: 1778808 | Source RPM: openssh-9.9p1-9.el9.src.rpm |
| Packager: builder@centos.org | |
| Url: http://www.openssh.com/portable.html | |
| Summary: An open source implementation of SSH protocol version 2 | |
SSH (Secure SHell) is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. OpenSSH is OpenBSD's version of the last free version of SSH, bringing it up to date in terms of security and features. This package includes the core files necessary for both the OpenSSH client and server. To make this package useful, you should also install openssh-clients, openssh-server, or both.
BSD
* Fri Jun 26 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-9
- CVE-2026-55653: Fix double free in openssh DH-GEX client path during
FIPS known-group validation that leads to client-side denial of service
Resolves: RHEL-186440
- CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator
cleanup due to missing NULL terminator
Resolves: RHEL-185835
- CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket
pre-binding
Resolves: RHEL-185850
* Wed Apr 01 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-8
- Fix static analysis issues
Resolves: RHEL-163366
- Ssh should refuse connection when mlkem kex is specified in FIPS
Resolves: RHEL-155161
- CVE-2026-35385: Fix privilege escalation via scp legacy protocol
when not in preserving file mode
Resolves: RHEL-164754
- CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode
multiplexing sessions
Resolves: RHEL-166251
- CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms
and HostbasedAcceptedAlgorithms with regard to ECDSA keys
Resolves: RHEL-166235
- CVE-2026-35414: Fix mishandling of authorized_keys principals option
Resolves: RHEL-166203
- CVE-2026-35386: Add validation rules to usernames and hostnames
set for ProxyJump/-J on the commandline
Resolves: RHEL-166219
* Thu Mar 26 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-7 + 0.10.4-9
- Version bump
* Mon Mar 16 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-5 + 0.10.4-8
- CVE-2026-3497: Fix information disclosure or denial of service due
to uninitialized variables in gssapi-keyex
Resolves: RHEL-155825
- Fix incorrect claim about SSH_AUTH_SOCK in pam_ssh_agent_auth manual page
Resolves: RHEL-122302
* Wed Feb 25 2026 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.9p1-4
- Provide a way to skip unsupported ML-KEM hybrid algorithms in FIPS mode
Resolves: RHEL-151580
* Tue Dec 09 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-3
- Enable support for DSA keys
Resolves: RHEL-127624
- CVE-2025-61984: Reject usernames with control characters
Resolves: RHEL-133959
- CVE-2025-61985: Reject URL-strings with NULL characters
Resolves: RHEL-133960
* Mon Oct 27 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-2
- Fix implicit destination path selection when source path ends with ".."
Resolves: RHEL-119515
- Canonicalize username when matching a user
Resolves: RHEL-118372
* Wed Sep 10 2025 Pavol Žáčik <pzacik@redhat.com> - 9.9p1-1
- Rebase to version 9.9
Resolves: RHEL-108912
* Mon Jul 21 2025 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-46
- Move the redhat help message to debug1 log level
Resolves: RHEL-104580
* Tue Feb 18 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-45
- Fix missing error codes set and invalid error code checks in OpenSSH. It
prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
is on (CVE-2025-26465).
Resolves: RHEL-78700
* Mon Oct 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-44
- Add extra help information on ssh early failure
Resolves: RHEL-33809
- Provide details on crypto error instead of "error in libcrypto"
Resolves: RHEL-52293
- Allow duplicate Subsystem directive
Resolves: RHEL-47112
* Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43
- Possible remote code execution due to a race condition (CVE-2024-6409)
Resolves: RHEL-45741
* Thu Jul 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-42
- Possible remote code execution due to a race condition (CVE-2024-6387)
Resolves: RHEL-45348
/etc/ssh /etc/ssh/moduli /usr/bin/ssh-keygen /usr/lib/.build-id /usr/lib/.build-id/60 /usr/lib/.build-id/60/5f63e2b3e320400ee96f9ccff4b4833b526ce9 /usr/lib/.build-id/7b /usr/lib/.build-id/7b/a6d3686a2b9c2ea50dbfa0efd814f2b3a97044 /usr/lib/sysusers.d/openssh.conf /usr/libexec/openssh /usr/libexec/openssh/ssh-keysign /usr/share/doc/openssh /usr/share/doc/openssh/CREDITS /usr/share/doc/openssh/ChangeLog /usr/share/doc/openssh/OVERVIEW /usr/share/doc/openssh/PROTOCOL /usr/share/doc/openssh/PROTOCOL.agent /usr/share/doc/openssh/PROTOCOL.certkeys /usr/share/doc/openssh/PROTOCOL.chacha20poly1305 /usr/share/doc/openssh/PROTOCOL.key /usr/share/doc/openssh/PROTOCOL.krl /usr/share/doc/openssh/PROTOCOL.mux /usr/share/doc/openssh/PROTOCOL.sshsig /usr/share/doc/openssh/PROTOCOL.u2f /usr/share/doc/openssh/README /usr/share/doc/openssh/README.dns /usr/share/doc/openssh/README.platform /usr/share/doc/openssh/README.privsep /usr/share/doc/openssh/README.tun /usr/share/doc/openssh/TODO /usr/share/licenses/openssh /usr/share/licenses/openssh/LICENCE /usr/share/man/man1/ssh-keygen.1.gz /usr/share/man/man8/ssh-keysign.8.gz
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 7 03:21:16 2026