[CLSA-2026:1784109248] openssh: Fix of CVE-2026-60002
Type:
security
Severity:
Critical
Release date:
2026-07-15 09:54:20 UTC
Description:
- CVE-2026-60002: fix client-side use-after-free when the server changes its host key during a key re-exchange
CVEs fixed:
Updated packages:
  • openssh-8.7p1-45.el9_6.tuxcare.els7.x86_64.rpm
    sha:8676095fee300dcf6f6662309667ef72c6b9da1bfbb488ab96db5f892711f6a7
  • openssh-askpass-8.7p1-45.el9_6.tuxcare.els7.x86_64.rpm
    sha:0e4e5f897e0328e2a9085d6f57af53942d55ebf9c5148962076a0110e05c1ee2
  • openssh-clients-8.7p1-45.el9_6.tuxcare.els7.x86_64.rpm
    sha:b3552cd07591878a760d8ff7565f789b69f8ff96c005127fa424d9c6cae8f928
  • openssh-keycat-8.7p1-45.el9_6.tuxcare.els7.x86_64.rpm
    sha:667ba2de1a3473edb0276fb5e3e823ee907493bf61ae976b731ad79d597cb676
  • openssh-server-8.7p1-45.el9_6.tuxcare.els7.x86_64.rpm
    sha:1dbd718049d4280ce17b7c8dec93911afb7902d72f1c53e93f31330d434d6b56
  • openssh-sk-dummy-8.7p1-45.el9_6.tuxcare.els7.x86_64.rpm
    sha:091c1873a06a139d7514bb2b4c9dee17630bcb59160caa63ae59a0adbeaef950
  • pam_ssh_agent_auth-0.10.4-5.45.el9_6.tuxcare.els7.x86_64.rpm
    sha:db0afb476a1afe36673be27a354da77314686fabe50ce345187671589c8d0021
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.