Oracle Linux Security Advisory ELSA-2025-23479 http://linux.oracle.com/errata/ELSA-2025-23479.html
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: openssh-9.9p1-12.0.1.el10_1.x86_64.rpm openssh-askpass-9.9p1-12.0.1.el10_1.x86_64.rpm openssh-clients-9.9p1-12.0.1.el10_1.x86_64.rpm openssh-keycat-9.9p1-12.0.1.el10_1.x86_64.rpm openssh-keysign-9.9p1-12.0.1.el10_1.x86_64.rpm openssh-server-9.9p1-12.0.1.el10_1.x86_64.rpm aarch64: openssh-9.9p1-12.0.1.el10_1.aarch64.rpm openssh-askpass-9.9p1-12.0.1.el10_1.aarch64.rpm openssh-clients-9.9p1-12.0.1.el10_1.aarch64.rpm openssh-keycat-9.9p1-12.0.1.el10_1.aarch64.rpm openssh-keysign-9.9p1-12.0.1.el10_1.aarch64.rpm openssh-server-9.9p1-12.0.1.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/openssh-9.9p1-12.0.1.el10_1.src.rpm Related CVEs: CVE-2025-61984 CVE-2025-61985 Description of changes: [9.9p1-12.0.1] - Upstream references found with /usr/bin/ssh [Orabug: 37824421] [9.9p1-12] - CVE-2025-61984: Reject usernames with control characters Resolves: RHEL-128397 - CVE-2025-61985: Reject URL-strings with NULL characters Resolves: RHEL-128387 _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
