Oracle Linux Security Advisory ELSA-2025-23481 http://linux.oracle.com/errata/ELSA-2025-23481.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: openssh-8.0p1-27.0.1.el8_10.x86_64.rpm openssh-askpass-8.0p1-27.0.1.el8_10.x86_64.rpm openssh-cavs-8.0p1-27.0.1.el8_10.x86_64.rpm openssh-clients-8.0p1-27.0.1.el8_10.x86_64.rpm openssh-keycat-8.0p1-27.0.1.el8_10.x86_64.rpm openssh-ldap-8.0p1-27.0.1.el8_10.x86_64.rpm openssh-server-8.0p1-27.0.1.el8_10.x86_64.rpm pam_ssh_agent_auth-0.10.3-7.27.0.1.el8_10.x86_64.rpm aarch64: openssh-8.0p1-27.0.1.el8_10.aarch64.rpm openssh-askpass-8.0p1-27.0.1.el8_10.aarch64.rpm openssh-cavs-8.0p1-27.0.1.el8_10.aarch64.rpm openssh-clients-8.0p1-27.0.1.el8_10.aarch64.rpm openssh-keycat-8.0p1-27.0.1.el8_10.aarch64.rpm openssh-ldap-8.0p1-27.0.1.el8_10.aarch64.rpm openssh-server-8.0p1-27.0.1.el8_10.aarch64.rpm pam_ssh_agent_auth-0.10.3-7.27.0.1.el8_10.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/openssh-8.0p1-27.0.1.el8_10.src.rpm Related CVEs: CVE-2025-61984 CVE-2025-61985 Description of changes: [8.0p1-27.0.1] - Update upstream references [Orabug: 36587718] [8.0p1-27] - CVE-2025-61984: Reject usernames with control characters Resolves: RHEL-128400 - CVE-2025-61985: Reject URL-strings with NULL characters Resolves: RHEL-128390 _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
