-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 05 May 2026 11:26:56 +0100
Source: openssh
Binary: ssh
Architecture: all
Version: 1:9.2p1-2+deb12u10
Distribution: bookworm
Urgency: medium
Maintainer: all Build Daemon (x86-csail-02) <buildd_all-x86-csail-02@buildd.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 ssh        - secure shell client and server (metapackage)
Closes: 1132572 1132573 1132574 1132575 1132576
Changes:
 openssh (1:9.2p1-2+deb12u10) bookworm; urgency=medium
 .
   * Backport minor security fixes from 10.3p1:
     - ssh(1): the -J and equivalent -oProxyJump="..." options now validate
       user and host names for ProxyJump/-J options passed via the
       command-line (no such validation is performed for this option in
       configuration files). This prevents shell injection in situations
       where these were directly exposed to adversarial input, which would
       have been a terrible idea to begin with.
     - CVE-2026-35386: ssh(1): validation of shell metacharacters in user
       names supplied on the command-line was performed too late to prevent
       some situations where they could be expanded from %-tokens in
       ssh_config. For certain configurations, such as those that use a "%u"
       token in a "Match exec" block, an attacker who can control the user
       name passed to ssh(1) could potentially execute arbitrary shell
       commands. Reported by Florian Kohnhäuser (closes: #1132573).
       We continue to recommend against directly exposing ssh(1) and other
       tools' command-lines to untrusted input. Mitigations such as this can
       not be absolute given the variety of shells and user configurations in
       use.
     - CVE-2026-35414: sshd(8): when matching an authorized_keys
       principals="" option against a list of principals in a certificate, an
       incorrect algorithm was used that could allow inappropriate matching
       in cases where a principal name in the certificate contains a comma
       character. Exploitation of the condition requires an authorized_keys
       principals="" option that lists more than one principal *and* a CA
       that will issue a certificate that encodes more than one of these
       principal names separated by a comma (typical CAs strongly constrain
       which principal names they will place in a certificate). This
       condition only applies to user-trusted CA keys in authorized_keys;
       the main certificate authentication path
       (TrustedUserCAKeys/AuthorizedPrincipalsFile) is not affected. Reported
       by Vladimir Tokarev (closes: #1132576).
     - CVE-2026-35385: scp(1): when downloading files as root in legacy (-O)
       mode and without the -p (preserve modes) flag set, scp did not clear
       setuid/setgid bits from downloaded files as one might typically
       expect. This bug dates back to the original Berkeley rcp program.
       Reported by Christos Papakonstantinou of Cantina and Spearbit (closes:
       #1132572).
     - CVE-2026-35387: sshd(8): fix incomplete application of
       PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard
       to ECDSA keys. Previously if one of these directives contains any
       ECDSA algorithm name (say "ecdsa-sha2-nistp384"), then any other ECDSA
       algorithm would be accepted in its place regardless of whether it was
       listed or not.  Reported by Christos Papakonstantinou of Cantina and
       Spearbit (closes: #1132574).
     - CVE-2026-35388: ssh(1): connection multiplexing confirmation
       (requested using "ControlMaster ask/autoask") was not being tested for
       proxy mode multiplexing sessions (i.e. "ssh -O proxy ..."). Reported
       by Michalis Vasileiadis (closes: #1132575).
Checksums-Sha1:
 79245c3dc911832c57f4981bf2b89e12695827a5 15229 openssh_9.2p1-2+deb12u10_all-buildd.buildinfo
 7f7190f54adad17d3fe40cd428958a23235c294d 175712 ssh_9.2p1-2+deb12u10_all.deb
Checksums-Sha256:
 65032103f62006f1ba8784996663a467533c151a7694c863300c2b38cc0ab412 15229 openssh_9.2p1-2+deb12u10_all-buildd.buildinfo
 93f23d1976f62688790b4e7bda6e462bdf78323e227cefcdbab955168fdd9c2f 175712 ssh_9.2p1-2+deb12u10_all.deb
Files:
 0909b4f072a9546dfcc18414f29f932c 15229 net standard openssh_9.2p1-2+deb12u10_all-buildd.buildinfo
 43c65e2040591ed599cdb39ff953bb3c 175712 net optional ssh_9.2p1-2+deb12u10_all.deb

-----BEGIN PGP SIGNATURE-----
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=FVf+
-----END PGP SIGNATURE-----
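The two sshd(8) entries above (CVE-2026-35387, exact matching of ECDSA algorithm names against PubkeyAcceptedAlgorithms/HostbasedAcceptedAlgorithms, and CVE-2026-35414, matching an authorized_keys principals="" option against certificate principals) both come down to comparing names exactly rather than loosely. The following Python is an added illustration appended after the signed message; it is not part of the .changes file and not OpenSSH code. It models the semantics the changelog describes in plain Python so the two edge cases (an unlisted ECDSA curve, and a certificate principal containing a comma) can be exercised offline. All function names, the ECDSA_FAMILY set and the sample inputs are assumptions chosen for the illustration; the family-level check only models the behaviour the changelog says was present before the fix, not the real sshd implementation.

```python
"""Exact-match checks modelling two sshd(8) fixes from the changelog above.

Added illustration, not OpenSSH code. Function names and sample values are
assumptions made for this example.
"""
from __future__ import annotations

# Algorithm names that belong to the ECDSA family (assumed set for the
# illustration). A check that only looked at the family would treat them as
# interchangeable; the fix requires the exact name to be listed.
ECDSA_FAMILY = {
    "ecdsa-sha2-nistp256",
    "ecdsa-sha2-nistp384",
    "ecdsa-sha2-nistp521",
}


def parse_accepted_algorithms(value: str) -> list[str]:
    """Split a comma-separated PubkeyAcceptedAlgorithms-style value.

    Only the plain list form is modelled here; the '+', '-' and '^' prefix
    forms that real OpenSSH accepts are out of scope for this illustration.
    """
    return [item.strip() for item in value.split(",") if item.strip()]


def algorithm_accepted_by_family(accepted: list[str], algo: str) -> bool:
    """Family-level check, modelling the pre-fix behaviour the changelog
    describes: once any ECDSA name is listed, every ECDSA algorithm passes."""
    if algo in ECDSA_FAMILY:
        return any(a in ECDSA_FAMILY for a in accepted)
    return algo in accepted


def algorithm_accepted_exact(accepted: list[str], algo: str) -> bool:
    """Exact-name check: the algorithm itself must appear in the list."""
    return algo in accepted


def principal_matches(option_principals: str, cert_principals: list[str]) -> bool:
    """Match an authorized_keys principals="" option against a certificate.

    The option value is comma-separated; the certificate carries its
    principals as a list of distinct strings. A match requires one of the
    option's entries to equal one of the certificate's entries exactly.
    Because the option is split on commas, a certificate principal that
    itself contains a comma can never equal a single option entry, so it
    does not match (it is not re-split or substring-matched).
    """
    wanted = set(option_principals.split(","))
    return any(p in wanted for p in cert_principals)


if __name__ == "__main__":
    # Constructed sample configuration: only nistp384 is listed.
    accepted = parse_accepted_algorithms("ssh-ed25519,ecdsa-sha2-nistp384")
    for algo in ("ecdsa-sha2-nistp384", "ecdsa-sha2-nistp256", "rsa-sha2-512"):
        print(algo,
              "family:", algorithm_accepted_by_family(accepted, algo),
              "exact:", algorithm_accepted_exact(accepted, algo))
    # Constructed sample principals: the comma-bearing one must not match.
    for cert in (["alice"], ["alice,bob"], ["carol", "bob"]):
        print(cert, "->", principal_matches("alice,bob", cert))
```

Running the block prints that "ecdsa-sha2-nistp256" is accepted by the family-level check but rejected by the exact check, and that a certificate whose single principal is the literal string "alice,bob" does not match the option principals="alice,bob", while a certificate listing "bob" as a separate principal does.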
