Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

openssh-keycat-9.9p1-9.el9 RPM for ppc64le

From CentOS Stream 9 BaseOS for ppc64le

Name: openssh-keycat Distribution: CentOS
Version: 9.9p1 Vendor: CentOS
Release: 9.el9 Build date: Fri Jun 26 15:16:48 2026
Group: Unspecified Build host: ppc64le-01.stream.rdu2.redhat.com
Size: 69487 Source RPM: openssh-9.9p1-9.el9.src.rpm
Packager: builder@centos.org
Url: http://www.openssh.com/portable.html
Summary: A mls keycat backend for openssh
OpenSSH mls keycat is backend for using the authorized keys in the
openssh in the mls mode.

Provides

Requires

License

BSD

Changelog

* Fri Jun 26 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-9
  - CVE-2026-55653: Fix double free in openssh DH-GEX client path during
    FIPS known-group validation that leads to client-side denial of service
    Resolves: RHEL-186440
  - CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator
    cleanup due to missing NULL terminator
    Resolves: RHEL-185835
  - CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket
    pre-binding
    Resolves: RHEL-185850
* Wed Apr 01 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-8
  - Fix static analysis issues
    Resolves: RHEL-163366
  - Ssh should refuse connection when mlkem kex is specified in FIPS
    Resolves: RHEL-155161
  - CVE-2026-35385: Fix privilege escalation via scp legacy protocol
    when not in preserving file mode
    Resolves: RHEL-164754
  - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode
    multiplexing sessions
    Resolves: RHEL-166251
  - CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms
    and HostbasedAcceptedAlgorithms with regard to ECDSA keys
    Resolves: RHEL-166235
  - CVE-2026-35414: Fix mishandling of authorized_keys principals option
    Resolves: RHEL-166203
  - CVE-2026-35386: Add validation rules to usernames and hostnames
    set for ProxyJump/-J on the commandline
    Resolves: RHEL-166219
* Thu Mar 26 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-7 + 0.10.4-9
  - Version bump
* Mon Mar 16 2026 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-5 + 0.10.4-8
  - CVE-2026-3497: Fix information disclosure or denial of service due
    to uninitialized variables in gssapi-keyex
    Resolves: RHEL-155825
  - Fix incorrect claim about SSH_AUTH_SOCK in pam_ssh_agent_auth manual page
    Resolves: RHEL-122302
* Wed Feb 25 2026 Dmitry Belyavskiy <dbelyavs@redhat.com> - 9.9p1-4
  - Provide a way to skip unsupported ML-KEM hybrid algorithms in FIPS mode
    Resolves: RHEL-151580
* Tue Dec 09 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-3
  - Enable support for DSA keys
    Resolves: RHEL-127624
  - CVE-2025-61984: Reject usernames with control characters
    Resolves: RHEL-133959
  - CVE-2025-61985: Reject URL-strings with NULL characters
    Resolves: RHEL-133960
* Mon Oct 27 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-2
  - Fix implicit destination path selection when source path ends with ".."
    Resolves: RHEL-119515
  - Canonicalize username when matching a user
    Resolves: RHEL-118372
* Wed Sep 10 2025 Pavol Žáčik <pzacik@redhat.com> - 9.9p1-1
  - Rebase to version 9.9
    Resolves: RHEL-108912
* Mon Jul 21 2025 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-46
  - Move the redhat help message to debug1 log level
    Resolves: RHEL-104580
* Tue Feb 18 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-45
  - Fix missing error codes set and invalid error code checks in OpenSSH. It
    prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
    is on (CVE-2025-26465).
    Resolves: RHEL-78700
* Mon Oct 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-44
  - Add extra help information on ssh early failure
    Resolves: RHEL-33809
  - Provide details on crypto error instead of "error in libcrypto"
    Resolves: RHEL-52293
  - Allow duplicate Subsystem directive
    Resolves: RHEL-47112
* Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43
  - Possible remote code execution due to a race condition (CVE-2024-6409)
    Resolves: RHEL-45741
* Thu Jul 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-42
  - Possible remote code execution due to a race condition (CVE-2024-6387)
    Resolves: RHEL-45348

Files

/etc/pam.d/ssh-keycat
/usr/lib/.build-id
/usr/lib/.build-id/a2
/usr/lib/.build-id/a2/9bf0a4e0c80420a4f1b4a67aa763fea4045f4e
/usr/libexec/openssh/ssh-keycat
/usr/share/doc/openssh-keycat
/usr/share/doc/openssh-keycat/HOWTO.ssh-keycat


Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Jul 7 03:17:41 2026