[CLSA-2026:1776701249] libssh: Fix of CVE-2026-0968
Type:
security
Severity:
Low
Release date:
2026-04-20 16:07:33 UTC
Description:
- CVE-2026-0968: sanitize input handling in sftp_parse_longname() to prevent OOB read when processing malformed SFTP longname fields, add unit tests
Updated packages:
  • libssh-0.9.4-3.el8.tuxcare.els8.i686.rpm
    sha:a9035b5509ec803e46ea973e11927eaa8286699abd9dcc8e296e47d4de9e959b
  • libssh-0.9.4-3.el8.tuxcare.els8.x86_64.rpm
    sha:3e85856fe5f0aebd8e5d36650370e4344667b1d287e354e7ef2769fdb2b9f1c0
  • libssh-config-0.9.4-3.el8.tuxcare.els8.noarch.rpm
    sha:d10051a35fa6a8a4f087b6e43d872d654c4de5d370fe5003260ade9475bb1ae3
  • libssh-devel-0.9.4-3.el8.tuxcare.els8.i686.rpm
    sha:4c87f07563ede083ab6362ef2f84f4165a67223512eafbea8849cd0eceb62158
  • libssh-devel-0.9.4-3.el8.tuxcare.els8.x86_64.rpm
    sha:0e92e3bfea7bf2d0eb84b4a14b39c3cbe884bc6ce4040baf74a93a6eed07086d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.