CLSA-2026-1777296725

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777296725.json

JSON Data

https://api.test.osv.dev/v1/vulns/CLSA-2026-1777296725

Upstream

CVE-2026-35414

Published

2026-04-27T13:32:11Z

Modified

2026-06-04T09:47:37.432715539Z

Summary

Fix CVE(s): CVE-2026-35414

Details

SECURITY UPDATE: mishandling of authorizedkeys principals option
- debian/patches/CVE-2026-35414.patch: replace matchlist() with xstrdup + strsep + exact strcmp in matchprincipalsoption() in auth2-pubkey.c, so certificate principals containing embedded commas are no longer wrongly cross-matched.
- CVE-2026-35414

References

https://errata.tuxcare.com/els_os/ubuntu20.04els/CLSA-2026-1777296725.html

Affected packages

TuxCare:Ubuntu:20.04

openssh-client

Package

Name: openssh-client
Purl: pkg:deb/tuxcare/openssh-client?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:8.2p1-4ubuntu0.13+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777296725.json"

openssh-server

Package

Name: openssh-server
Purl: pkg:deb/tuxcare/openssh-server?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:8.2p1-4ubuntu0.13+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777296725.json"

openssh-sftp-server

Package

Name: openssh-sftp-server
Purl: pkg:deb/tuxcare/openssh-sftp-server?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:8.2p1-4ubuntu0.13+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777296725.json"

openssh-tests

Package

Name: openssh-tests
Purl: pkg:deb/tuxcare/openssh-tests?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:8.2p1-4ubuntu0.13+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777296725.json"

ssh

Package

Name: ssh
Purl: pkg:deb/tuxcare/ssh?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:8.2p1-4ubuntu0.13+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777296725.json"

ssh-askpass-gnome

Package

Name: ssh-askpass-gnome
Purl: pkg:deb/tuxcare/ssh-askpass-gnome?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:8.2p1-4ubuntu0.13+tuxcare.els2

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1777296725.json"