[ol9_baseos_latest] openssh-server-8.7p1-48.0.1.el9_7.aarch64

Name:	openssh-server
Version:	8.7p1
Release:	48.0.1.el9_7
Architecture:	aarch64
Group:	Unspecified
Size:	1106641
License:	BSD
RPM:	openssh-server-8.7p1-48.0.1.el9_7.aarch64.rpm
Source RPM:	openssh-8.7p1-48.0.1.el9_7.src.rpm
Build Date:	Thu Apr 02 2026
Build Host:	build-ol9-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.openssh.com/portable.html
Summary:	An open source SSH server daemon
Description:	OpenSSH is a free version of SSH (Secure SHell), a program for logging into and executing commands on a remote machine. This package contains the secure shell daemon (sshd). The sshd daemon allows SSH clients to securely connect to your SSH server.

Changelog (Show File list) (Show related packages)

Thu Apr 02 2026 EL Errata <el-errata_ww@oracle.com> - 8.7p1-48.0.1

- Upstream references found with /usr/bin/ssh [Orabug: 37814929]
- upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand [Orabug: 37647064]
- Update upstream references [Orabug: 36564626]

Mon Mar 16 2026 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-48

- CVE-2026-3497: Fix information disclosure or denial of service due
  to uninitialized variables in gssapi-keyex
  Resolves: RHEL-155823

Tue Dec 09 2025 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-47

- CVE-2025-61984: Reject usernames with control characters
  Resolves: RHEL-128401
- CVE-2025-61985: Reject URL-strings with NULL characters
  Resolves: RHEL-128392

Mon Jul 21 2025 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-46

- Move the redhat help message to debug1 log level
  Resolves: RHEL-104580

Tue Feb 18 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-45

- Fix missing error codes set and invalid error code checks in OpenSSH. It
  prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
  is on (CVE-2025-26465).
  Resolves: RHEL-78700

Mon Oct 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-44

- Add extra help information on ssh early failure
  Resolves: RHEL-33809
- Provide details on crypto error instead of "error in libcrypto"
  Resolves: RHEL-52293
- Allow duplicate Subsystem directive
  Resolves: RHEL-47112

Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43

- Possible remote code execution due to a race condition (CVE-2024-6409)
  Resolves: RHEL-45741

Thu Jul 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-42

- Possible remote code execution due to a race condition (CVE-2024-6387)
  Resolves: RHEL-45348

Mon Jun 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-41

- Fix ssh multiplexing connect timeout processing
  Resolves: RHEL-37748

Thu May 02 2024 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-40

- Correctly audit hostname and IP address
  Resolves: RHEL-22316
- Make default key sizes configurable in sshd-keygen
  Resolves: RHEL-26454