UbuntuUpdates.org

Package "openssh"

Name: openssh

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • secure shell (SSH) client, for secure access to remote machines
  • secure shell (SSH) server, for secure access from remote machines
  • secure shell (SSH) sftp server module, for SFTP access from remote machines
  • secure shell client and server (metapackage)
Latest version: 1:9.7p1-7ubuntu4.2
Release: oracular (24.10)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "openssh" in Oracular

Repository Area Version
base universe 1:9.7p1-7ubuntu4
base main 1:9.7p1-7ubuntu4
security main 1:9.7p1-7ubuntu4.2
security universe 1:9.7p1-7ubuntu4.2
updates universe 1:9.7p1-7ubuntu4.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:9.7p1-7ubuntu4.2 2025-02-19 03:07:05 UTC

  openssh (1:9.7p1-7ubuntu4.2) oracular-security; urgency=medium

  * SECURITY UPDATE: MitM with VerifyHostKeyDNS option
    - debian/patches/CVE-2025-26465.patch: fix error code handling in
      krl.c, ssh-agent.c, ssh-sk-client.c, sshconnect2.c, sshsig.c.
    - CVE-2025-26465
  * SECURITY UPDATE: pre-authentication denial of service
    - debian/patches/CVE-2025-26466.patch: don't reply to PING in preauth
      or in KEX in packet.c.
    - CVE-2025-26466

 -- Marc Deslauriers <email address hidden> Tue, 11 Feb 2025 08:16:00 -0500
Source diff to previous version
CVE-2025-26465 MitM
CVE-2025-26466 Denial of Service: asymmetric resource consumption of memory and CPU

Version: 1:9.7p1-7ubuntu4.1 2025-01-09 16:07:24 UTC

  openssh (1:9.7p1-7ubuntu4.1) oracular; urgency=medium

  * d/p/gssapi.patch: Fix interaction between gssapi-keyex and pubkey auth
    (LP: #2028282)
    Don't prefer host-bound public key signatures if there was no initial
    host key, as is the case when using GSS-API key exchange.
    Thanks to Colin Watson for providing patches via Debian Salsa (7d291bb)
    + d/t/ssh-gssapi: Fix typo in autopkgtest
    + d/t/ssh-gssapi: Test interaction between gssapi-keyex and pubkey auth.

 -- Lukas Märdian <email address hidden> Mon, 16 Dec 2024 12:49:45 +0100
2028282 [SRU] SSH pubkey authetication fails when GSSAPI enabled


About   -   Send Feedback to @ubuntu_updates