openssh-8.7p1-47.el9_7.ML.1

エラータID: AXSA:2025-11563:07

Release date: 
Monday, December 22, 2025 - 18:42
Subject: 
openssh-8.7p1-47.el9_7.ML.1
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server.

Security Fix(es):

* openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand (CVE-2025-61984)
* openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand (CVE-2025-61985)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-61984
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
CVE-2025-61985
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.

Solution: 

Update packages.

CVEs: 
CVE-2025-61984
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
CVE-2025-61985
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
Additional Info: 

N/A

Download: 

SRPMS
  1. openssh-8.7p1-47.el9_7.ML.1.src.rpm
    MD5: 2af6c81b7211282ddf337055ab7c934d
    SHA-256: d117f3ca1f01f0418c6921337eb4f4fe6b3189f28edaa8161cb39458b2235275
    Size: 2.30 MB

Asianux Server 9 for x86_64
  1. openssh-8.7p1-47.el9_7.ML.1.x86_64.rpm
    MD5: ba2a16059c629206985b40ec6a67ac76
    SHA-256: ab3e62ef5b35ad1c170630e8136eeb040c2d436c93ac1379d005c41b85f6d36a
    Size: 459.98 kB
  2. openssh-askpass-8.7p1-47.el9_7.ML.1.x86_64.rpm
    MD5: 38f41fb88b9e0559021a91769268aa8f
    SHA-256: 907e982df9e236a7f73a9aa2eae838fde36838db9b2854e21c857405019e0552
    Size: 16.66 kB
  3. openssh-clients-8.7p1-47.el9_7.ML.1.x86_64.rpm
    MD5: 47232c5f466ecb4299f9cba8a883870a
    SHA-256: 897589fe544e45a8cfa7c01336ec32aa994a00471dfb5d8778af9293681f1bd7
    Size: 712.62 kB
  4. openssh-keycat-8.7p1-47.el9_7.ML.1.x86_64.rpm
    MD5: 4b683ac921030bbf9f5ea68d94244800
    SHA-256: 7008703caf865fe3a388fa7a0a5e5ab751d5baf699ea9ddc3ee76bbf07a35243
    Size: 18.17 kB
  5. openssh-server-8.7p1-47.el9_7.ML.1.x86_64.rpm
    MD5: e34ae64a890006244f08f86984310bc2
    SHA-256: 6619b480a7fbcad6c021e5120e56b102c0db6fe7e45e17a39a3bd45c7a7470e7
    Size: 459.87 kB
  6. pam_ssh_agent_auth-0.10.4-5.47.el9_7.ML.1.x86_64.rpm
    MD5: e50d8fae9064569bd489b0d7970de28e
    SHA-256: c87aca30d50c34b4cde4fdc539de5881b9a10625c6621e94cd738a1a3776d90e
    Size: 64.98 kB