ALSA-2025:23481

[ALSA-2025:23481] Moderate: openssh security update

Type:

security

Severity:

moderate

Release date:

2025-12-21

Description:

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.  

Security Fix(es):  

  * openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand (CVE-2025-61984)
  * openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand (CVE-2025-61985)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	openssh-ldap-8.0p1-27.el8_10.aarch64.rpm	1236809c1e2d82b99f997ebdf9edb2a24a541c2d06e97a0cef71f02cb5eb18df
aarch64	openssh-8.0p1-27.el8_10.aarch64.rpm	48afc459243efdc3f7c14447d4431dd0da54f45daeb3cecda4bfcc8417be8aa7
aarch64	openssh-askpass-8.0p1-27.el8_10.aarch64.rpm	61da1460a8993025128dd30998e13811ffce45d276750eeb1a5220583b0aea54
aarch64	openssh-keycat-8.0p1-27.el8_10.aarch64.rpm	8c1e48bbeaba9a769fefe8be37db6b09b3dc8277accaf4ef7a6928014488e643
aarch64	openssh-cavs-8.0p1-27.el8_10.aarch64.rpm	97829dbe61b0b354aad0d12197247271441442aa6937feddb7c34fe328c3c920
aarch64	openssh-clients-8.0p1-27.el8_10.aarch64.rpm	a44af45e840430138d9754ed7f6f169fa8f3d4fae381e93c8f324a3f77ac3f3c
aarch64	pam_ssh_agent_auth-0.10.3-7.27.el8_10.aarch64.rpm	b89cce31fd2cb934c91eda671274d2376b13d4648f46536559a4800987f78ea6
aarch64	openssh-server-8.0p1-27.el8_10.aarch64.rpm	f0433f33ba126328746875cdc09474dc6121ef210b8a1a57cdf500e8138e62d2
ppc64le	openssh-cavs-8.0p1-27.el8_10.ppc64le.rpm	16842f9ce46fdcded6b29c83d7b26deb16407bc284be83d84c448fecbff7b1c6
ppc64le	openssh-clients-8.0p1-27.el8_10.ppc64le.rpm	3beba97a64d102a2e5bcfb4a8f94c5c530a8c783caff33da7c8189699b214c22
ppc64le	openssh-askpass-8.0p1-27.el8_10.ppc64le.rpm	49517cd27f482673e8262ebf200801193925388618a89483fc4757bfe99c8e96
ppc64le	openssh-ldap-8.0p1-27.el8_10.ppc64le.rpm	4a5a4407b0a82aca566b2dee479ed646f83038ae35e087532bb61ead748510ef
ppc64le	openssh-8.0p1-27.el8_10.ppc64le.rpm	56f5de93ffa1d892faf6581fd4e6e698a8979c08227b613d9d2ac9679545c861
ppc64le	openssh-keycat-8.0p1-27.el8_10.ppc64le.rpm	5ab7bba732fbebbe159937779314e32d804e117ef78b87e97ae5b244c7b0b43c
ppc64le	pam_ssh_agent_auth-0.10.3-7.27.el8_10.ppc64le.rpm	6594ec2175e3f5a6ed7c4ac1590a62b69c390f15a780c02d419e912febb00f65
ppc64le	openssh-server-8.0p1-27.el8_10.ppc64le.rpm	bae37dc951775b555d9d6a35fc0ce630d7d9152deacd8f4a06982dc2bbc9499c
s390x	openssh-server-8.0p1-27.el8_10.s390x.rpm	1361954ea58fbb51944408c13ba53d820fce964745ef91a34fd38fa291faafad
s390x	pam_ssh_agent_auth-0.10.3-7.27.el8_10.s390x.rpm	46aa644d332bca5a3aace47199cd82f146534e3a756449cab03b6ece4606a8bd
s390x	openssh-askpass-8.0p1-27.el8_10.s390x.rpm	562859fe2e21691b2818498c7a638a142e5bf5c28006d2bb3d753d55c1474ed9
s390x	openssh-keycat-8.0p1-27.el8_10.s390x.rpm	594e6b89471fa32e2940da2f0591591f1a67f4e4e35a84fb872d0ef59d276b6a
s390x	openssh-8.0p1-27.el8_10.s390x.rpm	6c135268555370702fb010cbf3aa479c651ce3e08ccfd7ac53399ca36f4eb19c
s390x	openssh-ldap-8.0p1-27.el8_10.s390x.rpm	85ee8b88d141d4277fedecf3fcba1250c1c483a8122ff10bd3cc955317f35702
s390x	openssh-cavs-8.0p1-27.el8_10.s390x.rpm	a3405b6235855350aa3dbc335a177ab2d467ff688901b0f8190a66d454dfebe3
s390x	openssh-clients-8.0p1-27.el8_10.s390x.rpm	bbda35294de75bd1bb2549a533baa6fc7dd0313bc7f28f2bb09f1dc0e577ae79
x86_64	openssh-ldap-8.0p1-27.el8_10.x86_64.rpm	20cde1fa0c291aa945548a89502a93bbc42a15f95676684cfeb25fc5709db047
x86_64	openssh-clients-8.0p1-27.el8_10.x86_64.rpm	22a08d7e99fa6544c4d885ec96e209e8e39d9b79c9f303552041d7ecebf6d171
x86_64	openssh-8.0p1-27.el8_10.x86_64.rpm	54d9f2efffe7c30435e1253379a4cbfbdb3a7f27a70e095077148154adda63bb
x86_64	openssh-keycat-8.0p1-27.el8_10.x86_64.rpm	7d4dadc9270e93c7d5459f09864030434ec0705c3cdbc75727f3d874e23c8f83
x86_64	openssh-askpass-8.0p1-27.el8_10.x86_64.rpm	809c8618f8a2d348306856a0ea4713bf53279f9aacaf90ba25a334bd44a2ea3a
x86_64	openssh-cavs-8.0p1-27.el8_10.x86_64.rpm	8e266e5a5cfb513db8295580ef72d82e016bc627e4cd39c379e57e4ac083d904
x86_64	openssh-server-8.0p1-27.el8_10.x86_64.rpm	b69b9921117a6e8fb1f2e01fbeae3d1adaeb141b250941eadd364abce6471281
x86_64	pam_ssh_agent_auth-0.10.3-7.27.el8_10.x86_64.rpm	cc561c656c4e9c3338a00d9ead2a717198e718fe84d71675d07a8ca22fe6f302

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.