openssh-clients-9.9p1-3.el9 RPM for x86_64

From CentOS Stream 9 BaseOS for x86_64

OpenSSH is a free version of SSH (Secure SHell), a program for logging
into and executing commands on a remote machine. This package includes
the clients necessary to make encrypted connections to SSH servers.

Provides

• openssh-clients
• config(openssh-clients)
• openssh-clients(x86-64)

Requires

• /bin/sh
• /bin/sh
• /usr/bin/sh
• config(openssh-clients) = 9.9p1-3.el9
• crypto-policies >= 20200610-1
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.25)(64bit)
• libc.so.6(GLIBC_2.26)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.33)(64bit)
• libc.so.6(GLIBC_2.34)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• libc.so.6(GLIBC_2.8)(64bit)
• libcrypto.so.3()(64bit)
• libcrypto.so.3(OPENSSL_3.0.0)(64bit)
• libedit.so.0()(64bit)
• libfido2.so.1()(64bit)
• libgssapi_krb5.so.2()(64bit)
• libgssapi_krb5.so.2(gssapi_krb5_2_MIT)(64bit)
• libselinux.so.1()(64bit)
• libselinux.so.1(LIBSELINUX_1.0)(64bit)
• libz.so.1()(64bit)
• openssh = 9.9p1-3.el9
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

BSD

Changelog

* Tue Dec 09 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-3
  - Enable support for DSA keys
    Resolves: RHEL-127624
  - CVE-2025-61984: Reject usernames with control characters
    Resolves: RHEL-133959
  - CVE-2025-61985: Reject URL-strings with NULL characters
    Resolves: RHEL-133960
* Mon Oct 27 2025 Zoltan Fridrich <zfridric@redhat.com> - 9.9p1-2
  - Fix implicit destination path selection when source path ends with ".."
    Resolves: RHEL-119515
  - Canonicalize username when matching a user
    Resolves: RHEL-118372
* Wed Sep 10 2025 Pavol Žáčik <pzacik@redhat.com> - 9.9p1-1
  - Rebase to version 9.9
    Resolves: RHEL-108912
* Mon Jul 21 2025 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-46
  - Move the redhat help message to debug1 log level
    Resolves: RHEL-104580
* Tue Feb 18 2025 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-45
  - Fix missing error codes set and invalid error code checks in OpenSSH. It
    prevents memory exhaustion attack and a MITM attack when VerifyHostKeyDNS
    is on (CVE-2025-26465).
    Resolves: RHEL-78700
* Mon Oct 21 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-44
  - Add extra help information on ssh early failure
    Resolves: RHEL-33809
  - Provide details on crypto error instead of "error in libcrypto"
    Resolves: RHEL-52293
  - Allow duplicate Subsystem directive
    Resolves: RHEL-47112
* Tue Jul 09 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-43
  - Possible remote code execution due to a race condition (CVE-2024-6409)
    Resolves: RHEL-45741
* Thu Jul 04 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-42
  - Possible remote code execution due to a race condition (CVE-2024-6387)
    Resolves: RHEL-45348
* Mon Jun 03 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-41
  - Fix ssh multiplexing connect timeout processing
    Resolves: RHEL-37748
* Thu May 02 2024 Zoltan Fridrich <zfridric@redhat.com> - 8.7p1-40
  - Correctly audit hostname and IP address
    Resolves: RHEL-22316
  - Make default key sizes configurable in sshd-keygen
    Resolves: RHEL-26454
* Wed Apr 24 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-39
  - Use FIPS-compatible API for key derivation
    Resolves: RHEL-32809
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-38
  - Fix Terrapin attack
    Resolves: CVE-2023-48795
* Fri Jan 05 2024 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-37
  - Fix Terrapin attack
    Resolves: CVE-2023-48795
* Wed Dec 20 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.7p1-36
  - Fix Terrapin attack
    Resolves: CVE-2023-48795
  - Relax OpenSSH build-time checks for OpenSSL version
    Related: RHEL-4734
  - Forbid shell metasymbols in username/hostname
    Resolves: CVE-2023-51385

Files

/etc/ssh/ssh_config
/etc/ssh/ssh_config.d
/etc/ssh/ssh_config.d/50-redhat.conf
/usr/bin/scp
/usr/bin/sftp
/usr/bin/ssh
/usr/bin/ssh-add
/usr/bin/ssh-agent
/usr/bin/ssh-copy-id
/usr/bin/ssh-keyscan
/usr/lib/.build-id
/usr/lib/.build-id/18
/usr/lib/.build-id/18/4a070ff244472e1b5a7ce587b33ec4b4b9f77f
/usr/lib/.build-id/29
/usr/lib/.build-id/29/c87b2d0f538bfe4c784d943580346a82dcc103
/usr/lib/.build-id/55
/usr/lib/.build-id/55/34a4b1ba23883e2e323fefdc53244f0b034d2f
/usr/lib/.build-id/5d
/usr/lib/.build-id/5d/2bbf4d4a409678dbd14d2cd8646235d6a5b60c
/usr/lib/.build-id/73
/usr/lib/.build-id/73/498347ea11dd1cd10018da200b0b14172ac7a9
/usr/lib/.build-id/98
/usr/lib/.build-id/98/2dd37ff858ddaab550d488dab47d5b42a60d6a
/usr/lib/.build-id/bb
/usr/lib/.build-id/bb/7b2e590ac55eabc62c7ad176d203a89fef7141
/usr/lib/.build-id/e2
/usr/lib/.build-id/e2/2a866bc4eabd4104545179adb1723d07013d34
/usr/lib/systemd/user/ssh-agent.service
/usr/libexec/openssh/ssh-pkcs11-helper
/usr/libexec/openssh/ssh-sk-helper
/usr/share/man/man1/scp.1.gz
/usr/share/man/man1/sftp.1.gz
/usr/share/man/man1/ssh-add.1.gz
/usr/share/man/man1/ssh-agent.1.gz
/usr/share/man/man1/ssh-copy-id.1.gz
/usr/share/man/man1/ssh-keyscan.1.gz
/usr/share/man/man1/ssh.1.gz
/usr/share/man/man5/ssh_config.5.gz
/usr/share/man/man8/ssh-pkcs11-helper.8.gz
/usr/share/man/man8/ssh-sk-helper.8.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Dec 16 05:33:24 2025