-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 05 May 2026 11:26:56 +0100
Source: openssh
Binary: openssh-client openssh-client-dbgsym openssh-client-udeb openssh-server openssh-server-dbgsym openssh-server-udeb openssh-sftp-server openssh-sftp-server-dbgsym openssh-tests openssh-tests-dbgsym ssh-askpass-gnome ssh-askpass-gnome-dbgsym
Architecture: s390x
Version: 1:9.2p1-2+deb12u10
Distribution: bookworm
Urgency: medium
Maintainer: s390x Build Daemon (ziehrer) <buildd_s390x-ziehrer@buildd.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 openssh-tests - OpenSSH regression tests
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
Closes: 1132572 1132573 1132574 1132575 1132576
Changes:
 openssh (1:9.2p1-2+deb12u10) bookworm; urgency=medium
 .
   * Backport minor security fixes from 10.3p1:
     - ssh(1): the -J and equivalent -oProxyJump="..." options now validate
       user and host names for ProxyJump/-J options passed via the
       command-line (no such validation is performed for this option in
       configuration files). This prevents shell injection in situations
       where these were directly exposed to adversarial input, which would
       have been a terrible idea to begin with.
     - CVE-2026-35386: ssh(1): validation of shell metacharacters in user
       names supplied on the command-line was performed too late to prevent
       some situations where they could be expanded from %-tokens in
       ssh_config. For certain configurations, such as those that use a "%u"
       token in a "Match exec" block, an attacker who can control the user
       name passed to ssh(1) could potentially execute arbitrary shell
       commands. Reported by Florian Kohnhäuser (closes: #1132573).
       We continue to recommend against directly exposing ssh(1) and other
       tools' command-lines to untrusted input. Mitigations such as this can
       not be absolute given the variety of shells and user configurations in
       use.
     - CVE-2026-35414: sshd(8): when matching an authorized_keys
       principals="" option against a list of principals in a certificate, an
       incorrect algorithm was used that could allow inappropriate matching
       in cases where a principal name in the certificate contains a comma
       character. Exploitation of the condition requires an authorized_keys
       principals="" option that lists more than one principal *and* a CA
       that will issue a certificate that encodes more than one of these
       principal names separated by a comma (typical CAs strongly constrain
       which principal names they will place in a certificate). This
       condition only applies to user-trusted CA keys in authorized_keys,
       the main certificate authentication path
       (TrustedUserCAKeys/AuthorizedPrincipalsFile) is not affected. Reported
       by Vladimir Tokarev (closes: #1132576).
     - CVE-2026-35385: scp(1): when downloading files as root in legacy (-O)
       mode and without the -p (preserve modes) flag set, scp did not clear
       setuid/setgid bits from downloaded files as one might typically
       expect. This bug dates back to the original Berkeley rcp program.
       Reported by Christos Papakonstantinou of Cantina and Spearbit (closes:
       #1132572).
     - CVE-2026-35387: sshd(8): fix incomplete application of
       PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard
       to ECDSA keys. Previously if one of these directives contains any
       ECDSA algorithm name (say "ecdsa-sha2-nistp384"), then any other ECDSA
       algorithm would be accepted in its place regardless of whether it was
       listed or not.  Reported by Christos Papakonstantinou of Cantina and
       Spearbit (closes: #1132574).
     - CVE-2026-35388: ssh(1): connection multiplexing confirmation
       (requested using "ControlMaster ask/autoask") was not being tested for
       proxy mode multiplexing sessions (i.e. "ssh -O proxy ..."). Reported
       by Michalis Vasileiadis (closes: #1132575).
Checksums-Sha1:
Checksums-Sha256:
Files:

-----BEGIN PGP SIGNATURE-----

-----END PGP SIGNATURE-----
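
The CVE-2026-35414 entry above names its precondition: a user-trusted CA key in authorized_keys whose principals option lists more than one principal. The following is an added example (not part of this upload or of OpenSSH; the function names and the sample file are constructed here) that finds such entries for review, splitting the options field only on commas outside double quotes.

```python
def split_unquoted(text, seps):
    """Split text on any character in seps that lies outside double quotes.
    A backslash-escaped quote inside a quoted value does not close it."""
    parts, cur, quoted, i = [], [], False, 0
    while i < len(text):
        ch = text[i]
        if quoted and ch == "\\" and text[i + 1:i + 2] == '"':
            cur.append('\\"')
            i += 2
            continue
        if ch == '"':
            quoted = not quoted
        if ch in seps and not quoted:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    parts.append("".join(cur))
    return parts


def multi_principal_ca_entries(authorized_keys_text):
    """Return (line_no, principals) for every cert-authority entry whose
    principals option names more than one principal."""
    hits = []
    for line_no, line in enumerate(authorized_keys_text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # The options field is the first token; whitespace may appear in it
        # only inside double quotes.
        options = split_unquoted(split_unquoted(line, " \t")[0], ",")
        opts = {o.partition("=")[0].lower(): o.partition("=")[2] for o in options}
        if "cert-authority" not in opts or "principals" not in opts:
            continue
        principals = [p for p in opts["principals"].strip('"').split(",") if p]
        if len(principals) > 1:
            hits.append((line_no, principals))
    return hits


# Constructed sample; key blobs are placeholders, not real keys.
SAMPLE = '''\
# user-trusted CA keys
cert-authority,principals="alice,bob" ssh-ed25519 AAAAC3PLACEHOLDER user-ca
cert-authority,principals="deploy" ssh-ed25519 AAAAC3PLACEHOLDER deploy-ca
command="echo a, b",no-pty ssh-ed25519 AAAAC3PLACEHOLDER plain-key
'''

if __name__ == "__main__":
    for line_no, principals in multi_principal_ca_entries(SAMPLE):
        print(f"line {line_no}: cert-authority with principals {principals}")
```

Entries it reports are the ones to check against what the corresponding CA is permitted to place in a certificate's principal list.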
