Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openssh-clients-9.9p1-9.el9 RPM for aarch64

From CentOS Stream 9 BaseOS for aarch64

Name: openssh-clients Distribution: CentOS
Version: 9.9p1 Vendor: CentOS
Release: 9.el9 Build date: Fri Jun 26 15:16:27 2026
Group: Unspecified Build host: aarch64-06.stream.rdu2.redhat.com
Size: 2814586 Source RPM: openssh-9.9p1-9.el9.src.rpm
Packager: builder@centos.org
Url: http://www.openssh.com/portable.html
Summary: An open source SSH client applications
OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.

Provides

Requires

License

BSD

Changelog

* Fri Jun 26 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-9
  - CVE-2026-55653: Fix double free in openssh DH-GEX client path during
    FIPS known-group validation that leads to client-side denial of service
    Resolves: RHEL-186440
  - CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator
    cleanup due to missing NULL terminator
    Resolves: RHEL-185835
  - CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket
    pre-binding
    Resolves: RHEL-185850
* Wed Apr 01 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-8
  - Fix static analysis issues
    Resolves: RHEL-163366
  - Ssh should refuse connection when mlkem kex is specified in FIPS
    Resolves: RHEL-155161
  - CVE-2026-35385: Fix privilege escalation via scp legacy protocol
    when not in preserving file mode
    Resolves: RHEL-164754
  - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode
    multiplexing sessions
    Resolves: RHEL-166251
  - CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms
    and HostbasedAcceptedAlgorithms with regard to ECDSA keys
    Resolves: RHEL-166235
  - CVE-2026-35414: Fix mishandling of authorized_keys principals option
    Resolves: RHEL-166203
  - CVE-2026-35386: Add validation rules to usernames and hostnames
    set for ProxyJump/-J on the commandline
    Resolves: RHEL-166219
* Thu Mar 26 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-7 + 0.10.4-9
  - Version bump
* Mon Mar 16 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-5 + 0.10.4-8
  - CVE-2026-3497: Fix information disclosure or denial of service due
    to uninitialized variables in gssapi-keyex
    Resolves: RHEL-155825
  - Fix incorrect claim about SSH_AUTH_SOCK in pam_ssh_agent_auth manual page
    Resolves: RHEL-122302
* Wed Feb 25 2026 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.9p1-4
  - Provide a way to skip unsupported ML-KEM hybrid algorithms in FIPS mode
    Resolves: RHEL-151580
* Tue Dec 09 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-3
  - Enable support for DSA keys
    Resolves: RHEL-127624
  - CVE-2025-61984: Reject usernames with control characters
    Resolves: RHEL-133959
  - CVE-2025-61985: Reject URL-strings with NULL characters
    Resolves: RHEL-133960
* Mon Oct 27 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-2
  - Fix implicit destination path selection when source path ends with ".."
    Resolves: RHEL-119515
  - Canonicalize username when matching a user
    Resolves: RHEL-118372
* Wed Sep 10 2025 Pavol Žáčik <pzacik@redhat.com> - 9.9p1-1
  - Rebase to version 9.9
    Resolves: RHEL-108912
* Mon Jul 21 2025 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-46
  - Move the redhat help message to debug1 log level
    Resolves: RHEL-104580
* Tue Feb 18 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-45
  - Fix missing error codes set and invalid error code checks in OpenSSH. It
    prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
    is on (CVE-2025-26465).
    Resolves: RHEL-78700
* Mon Oct 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-44
  - Add extra help information on ssh early failure
    Resolves: RHEL-33809
  - Provide details on crypto error instead of "error in libcrypto"
    Resolves: RHEL-52293
  - Allow duplicate Subsystem directive
    Resolves: RHEL-47112
* Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43
  - Possible remote code execution due to a race condition (CVE-2024-6409)
    Resolves: RHEL-45741
* Thu Jul 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-42
  - Possible remote code execution due to a race condition (CVE-2024-6387)
    Resolves: RHEL-45348

Files

/etc/ssh/ssh_config
/etc/ssh/ssh_config.d
/etc/ssh/ssh_config.d/50-redhat.conf
/usr/bin/scp
/usr/bin/sftp
/usr/bin/ssh
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-copy-id
/usr/bin/ssh-keyscan
/usr/lib/.build-id
/usr/lib/.build-id/20
/usr/lib/.build-id/20/e70783412f35a64fd5e7c4d93c02cc473a704c
/usr/lib/.build-id/3d
/usr/lib/.build-id/3d/8ffcfac5eae0c877997d7dc1c5ed49e0f828b6
/usr/lib/.build-id/5a
/usr/lib/.build-id/5a/f4ee4e96f290b7a1151b31a1545d1176462cd8
/usr/lib/.build-id/6a
/usr/lib/.build-id/6a/70b0e683be4720da165d3c59845671a09b0384
/usr/lib/.build-id/a6
/usr/lib/.build-id/a6/a38aa0c7c150d873041deab6a345ff71a669da
/usr/lib/.build-id/ad
/usr/lib/.build-id/ad/24b1b3ae253fde5c9c5a1868d447593b330825
/usr/lib/.build-id/d4
/usr/lib/.build-id/d4/5ce3d2e29cd716db2d0f7e5101f8e5a5bd9fc8
/usr/lib/.build-id/df
/usr/lib/.build-id/df/8ceca7feaf48d04b963c15a95d3ea6a8d642dc
/usr/lib/systemd/user/ssh-agent.service
/usr/libexec/openssh/ssh-pkcs11-helper
/usr/libexec/openssh/ssh-sk-helper
/usr/share/man/man1/scp.1.gz
/usr/share/man/man1/sftp.1.gz
/usr/share/man/man1/ssh-add.1.gz
/usr/share/man/man1/ssh-agent.1.gz
/usr/share/man/man1/ssh-copy-id.1.gz
/usr/share/man/man1/ssh-keyscan.1.gz
/usr/share/man/man1/ssh.1.gz
/usr/share/man/man5/ssh_config.5.gz
/usr/share/man/man8/ssh-pkcs11-helper.8.gz
/usr/share/man/man8/ssh-sk-helper.8.gz


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 7 03:21:16 2026