Format: 1.8
Date: Tue, 05 May 2026 11:26:56 +0100
Source: openssh
Binary: openssh-client openssh-client-dbgsym openssh-client-udeb openssh-server openssh-server-dbgsym openssh-server-udeb openssh-sftp-server openssh-sftp-server-dbgsym openssh-tests openssh-tests-dbgsym ssh-askpass-gnome ssh-askpass-gnome-dbgsym
Architecture: armel
Version: 1:9.2p1-2+deb12u10
Distribution: bookworm
Urgency: medium
Maintainer: armel Build Daemon (arm-ubc-02)
Changed-By: Colin Watson
Description:
 openssh-client - secure shell (SSH) client, for secure access to remote machines
 openssh-client-udeb - secure shell client for the Debian installer (udeb)
 openssh-server - secure shell (SSH) server, for secure access from remote machines
 openssh-server-udeb - secure shell server for the Debian installer (udeb)
 openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot
 openssh-tests - OpenSSH regression tests
 ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad
Closes: 1132572 1132573 1132574 1132575 1132576
Changes:
 openssh (1:9.2p1-2+deb12u10) bookworm; urgency=medium
 .
   * Backport minor security fixes from 10.3p1:
     - ssh(1): the -J and equivalent -oProxyJump="..." options now validate
       user and host names for ProxyJump/-J options passed via the
       command-line (no such validation is performed for this option in
       configuration files). This prevents shell injection in situations
       where these were directly exposed to adversarial input, which would
       have been a terrible idea to begin with.
     - CVE-2026-35386: ssh(1): validation of shell metacharacters in user
       names supplied on the command-line was performed too late to prevent
       some situations where they could be expanded from %-tokens in
       ssh_config. For certain configurations, such as those that use a "%u"
       token in a "Match exec" block, an attacker who can control the user
       name passed to ssh(1) could potentially execute arbitrary shell
       commands. Reported by Florian Kohnhäuser (closes: #1132573).
       We continue to recommend against directly exposing ssh(1) and other
       tools' command-lines to untrusted input. Mitigations such as this can
       not be absolute given the variety of shells and user configurations
       in use.
     - CVE-2026-35414: sshd(8): when matching an authorized_keys
       principals="" option against a list of principals in a certificate,
       an incorrect algorithm was used that could allow inappropriate
       matching in cases where a principal name in the certificate contains
       a comma character. Exploitation of the condition requires an
       authorized_keys principals="" option that lists more than one
       principal *and* a CA that will issue a certificate that encodes more
       than one of these principal names separated by a comma (typical CAs
       strongly constrain which principal names they will place in a
       certificate). This condition only applies to user-trusted CA keys in
       authorized_keys, the main certificate authentication path
       (TrustedUserCAKeys/AuthorizedPrincipalsFile) is not affected.
       Reported by Vladimir Tokarev (closes: #1132576).
     - CVE-2026-35385: scp(1): when downloading files as root in legacy (-O)
       mode and without the -p (preserve modes) flag set, scp did not clear
       setuid/setgid bits from downloaded files as one might typically
       expect. This bug dates back to the original Berkeley rcp program.
       Reported by Christos Papakonstantinou of Cantina and Spearbit
       (closes: #1132572).
     - CVE-2026-35387: sshd(8): fix incomplete application of
       PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard
       to ECDSA keys. Previously if one of these directives contains any
       ECDSA algorithm name (say "ecdsa-sha2-nistp384"), then any other
       ECDSA algorithm would be accepted in its place regardless of whether
       it was listed or not. Reported by Christos Papakonstantinou of
       Cantina and Spearbit (closes: #1132574).
     - CVE-2026-35388: ssh(1): connection multiplexing confirmation
       (requested using "ControlMaster ask/autoask") was not being tested
       for proxy mode multiplexing sessions (i.e. "ssh -O proxy ...").
       Reported by Michalis Vasileiadis (closes: #1132575).
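For the CVE-2026-35414 entry, the server-side precondition is a cert-authority line in authorized_keys whose principals="" option lists more than one principal. The following audit is an added example, not part of this upload notice or of OpenSSH; the function names are hypothetical and the sample file is constructed with placeholder key blobs.

```python
# Constructed sample; key blobs are placeholders, not real keys.
SAMPLE = r'''# ~/.ssh/authorized_keys (constructed)
ssh-ed25519 AAAAC3PLACEHOLDER alice@laptop
cert-authority,principals="deploy" ssh-ed25519 AAAAC3PLACEHOLDER ops-ca
cert-authority,principals="deploy,backup",no-pty ssh-ed25519 AAAAC3PLACEHOLDER ops-ca
principals="a,b" ssh-ed25519 AAAAC3PLACEHOLDER plain-key
command="echo \"hi, there\"",Cert-Authority,principals="web,db" ssh-rsa AAAAB3PLACEHOLDER infra-ca
'''

def split_options(line):
    """Return the options field of one line as a list (quotes removed)."""
    opts, cur, quoted, i = [], [], False, 0
    while i < len(line):
        c = line[i]
        if quoted and c == "\\" and line[i + 1:i + 2] == '"':
            cur.append('"')          # \" inside a value is a literal quote
            i += 1
        elif c == '"':
            quoted = not quoted
        elif c == "," and not quoted:
            opts.append("".join(cur))
            cur = []
        elif c in " \t" and not quoted:
            break                    # unquoted whitespace ends the options field
        else:
            cur.append(c)
        i += 1
    opts.append("".join(cur))
    return opts

def multi_principal_ca_entries(text):
    """Return [(line_number, [principals])] for CA entries naming >1 principal."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = (o.partition("=") for o in split_options(line))
        opts = {name.lower(): value for name, _, value in parts}
        if "cert-authority" not in opts or "principals" not in opts:
            continue                 # plain keys and unrestricted CAs are out of scope
        principals = [p for p in opts["principals"].split(",") if p]
        if len(principals) > 1:
            findings.append((lineno, principals))
    return findings

if __name__ == "__main__":
    for lineno, principals in multi_principal_ca_entries(SAMPLE):
        print(f"line {lineno}: cert-authority with principals {principals}")
```

Entries it reports are the ones to review against what the corresponding CA is willing to place in a certificate.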
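For the CVE-2026-35387 entry, a configuration is affected when PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms names some ECDSA algorithms but not others. This check is an added example, not code from this notice or from OpenSSH; it assumes input in the lowercase "keyword value" form printed by `sshd -T`, models only the three plain ECDSA names, and uses a hypothetical function name and a constructed sample.

```python
import re

# Assumption: only the three plain ECDSA signature names are modelled here;
# certificate and sk- variants can be appended to this tuple.
ECDSA = ("ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521")
DIRECTIVES = ("pubkeyacceptedalgorithms", "hostbasedacceptedalgorithms")

# Constructed sample in the "keyword value" form of `sshd -T` output.
SAMPLE = """\
port 22
pubkeyacceptedalgorithms ssh-ed25519,ecdsa-sha2-nistp384,rsa-sha2-512
hostbasedacceptedalgorithms ssh-ed25519,rsa-sha2-256
"""

def partial_ecdsa_lists(config_text):
    """Map each directive that lists some but not all ECDSA names to
    (listed, unlisted). A value of None means the list uses a +/-/^ modifier
    or a wildcard and must be checked in its expanded form instead."""
    findings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = re.split(r"[ \t=]+", line, maxsplit=1)
        if len(parts) != 2 or parts[0].lower() not in DIRECTIVES:
            continue
        keyword = parts[0].lower()
        names = [n.strip() for n in parts[1].strip('"').split(",")]
        if names[0].startswith(("+", "-", "^")) or any(
                "*" in n or "?" in n for n in names):
            findings[keyword] = None     # cannot decide from the raw text
            continue
        listed = [a for a in ECDSA if a in names]
        unlisted = [a for a in ECDSA if a not in names]
        if listed and unlisted:
            # Per the changelog, unpatched sshd would have accepted the
            # unlisted ECDSA algorithms in place of the listed ones.
            findings[keyword] = (listed, unlisted)
    return findings

if __name__ == "__main__":
    for keyword, result in partial_ecdsa_lists(SAMPLE).items():
        print(keyword, result)
```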