↵ Return to the main page of openssh-keycat
View build
Search for updates
Package Info (Data from x86_64 build)
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files
| Date | Author | Change |
|---|---|---|
| 2026-07-07 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 10.2p1-12 | - Improve GSS KEX algorithms documentation Patches are submitted by xspielinbox+redhat@protonmail.com Resolves: rhbz#2241564 |
| 2026-07-07 | Zoltan Fridrich <zfridric at redhat dot com> - 10.2p1-11 | - CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known-group validation that leads to client-side denial of service - CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator - CVE-2026-55655: Fix MITM of X11 forwarding via abstract UNIX socket pre-binding - Remove duplicate manpage entries from ssh(1) Resolves: rhbz#2442505 |
| 2026-04-30 | Manuel Fombuena <fombuena at outlook dot com> - 10.2p1-10 | - Fix error message when fetching certs and keys on PKCS11 smartcards protected with PIN |
| 2026-04-28 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 10.2p1-9 | - OpenSSH PKCS11 smartcard PIN authentication fixed Resolves: rhbz#2461884 |
| 2026-04-17 | Zoltan Fridrich <zfridric at redhat dot com> - 10.2p1-8 | - CVE-2026-35385: Fix privilege escalation via scp legacy protocol when not in preserving file mode Resolves: rhbz#2454941 - CVE-2026-35388: Add connection multiplexing confirmation for proxy-mode multiplexing sessions Resolves: rhbz#2454951 - CVE-2026-35387: Fix incomplete application of PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard to ECDSA keys Resolves: rhbz#2454944 - CVE-2026-35414: Fix mishandling of authorized_keys principals option Resolves: rhbz#2454943 - CVE-2026-35386: Add validation rules to usernames and hostnames set for ProxyJump/-J on the commandline Resolves: rhbz#2454961 |
| 2026-03-23 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 10.2p1-7 | - Fix typo in SPDX license name |
| 2026-03-18 | Zoltan Fridrich <zfridric at redhat dot com> - 10.2p1-6 | - CVE-2026-3497: Fix information disclosure or denial of service due to uninitialized variables in gssapi-keyex |
| 2026-02-27 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 10.2p1-5 | - Cleanup of the previous commit |
| 2026-02-26 | Dmitry Belyavskiy <dbelyavs at redhat dot com> - 10.2p1-4 | - Hybrid ML-KEM key exchange can be unavailable in FIPS mode. Correctly skip them. |
| 2026-02-16 | Zoltan Fridrich <zfridric at redhat dot com> - 10.2p1-3 | - Fix pam password authentication Resolves: rhbz#2423900 |