[CLSA-2026:1778237316] libssh: Fix of CVE-2026-0964
Type:
security
Severity:
Moderate
Release date:
2026-05-08 10:48:40 UTC
Description:
- CVE-2026-0964: reject invalid filenames in ssh_scp_pull_request to prevent path traversal via SCP
Updated packages:
  • libssh-0.10.4-8.el9.tuxcare.els11.i686.rpm
    sha:b4985124fe42ee230586e4e3625f594479b73b33a521dd50dbaf9fe09d71b7aa
  • libssh-0.10.4-8.el9.tuxcare.els11.x86_64.rpm
    sha:b864d12d8cc0d1036cf57fa8be559d31950abdc360203c5e1d236d05bfc28596
  • libssh-config-0.10.4-8.el9.tuxcare.els11.noarch.rpm
    sha:0f0c678cf8f62b75a4fa240aa32cf53023404ca204743bb8404ef4efc3f2e398
  • libssh-devel-0.10.4-8.el9.tuxcare.els11.i686.rpm
    sha:98059f2def94fb897d006f223f730639ad5253bc48f84d464d217a459ffc708a
  • libssh-devel-0.10.4-8.el9.tuxcare.els11.x86_64.rpm
    sha:398bcf70a1fb691aadb3c1b3917b08eb122c0d555debb73f7c768182d391c4bc
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.