Format: 1.8
Date: Tue, 05 May 2026 11:25:39 +0100
Source: openssh
Binary: openssh-client-gssapi openssh-server-gssapi ssh
Architecture: all
Version: 1:10.0p1-7+deb13u3
Distribution: trixie
Urgency: medium
Maintainer: all Build Daemon (x86-grnet-02) <buildd_all-x86-grnet-02@buildd.debian.org>
Changed-By: Colin Watson <cjwatson@debian.org>
Description:
 openssh-client-gssapi - secure shell (SSH) client, with GSS-API support
 openssh-server-gssapi - secure shell (SSH) server, with GSS-API key exchange
 ssh        - secure shell client and server (metapackage)
Closes: 1132572 1132573 1132574 1132575 1132576
Changes:
 openssh (1:10.0p1-7+deb13u3) trixie; urgency=medium
 .
   * Backport minor security fixes from 10.3p1:
     - ssh(1): the -J and equivalent -oProxyJump="..." options now validate
       user and host names for ProxyJump/-J options passed via the
       command-line (no such validation is performed for this option in
       configuration files). This prevents shell injection in situations
       where these were directly exposed to adversarial input, which would
       have been a terrible idea to begin with.
     - CVE-2026-35386: ssh(1): validation of shell metacharacters in user
       names supplied on the command-line was performed too late to prevent
       some situations where they could be expanded from %-tokens in
       ssh_config. For certain configurations, such as those that use a "%u"
       token in a "Match exec" block, an attacker who can control the user
       name passed to ssh(1) could potentially execute arbitrary shell
       commands. Reported by Florian Kohnhäuser (closes: #1132573).
       We continue to recommend against directly exposing ssh(1) and other
       tools' command-lines to untrusted input. Mitigations such as this cannot
       be absolute given the variety of shells and user configurations in
       use.
     - CVE-2026-35414: sshd(8): when matching an authorized_keys
       principals="" option against a list of principals in a certificate, an
       incorrect algorithm was used that could allow inappropriate matching
       in cases where a principal name in the certificate contains a comma
       character. Exploitation of the condition requires an authorized_keys
       principals="" option that lists more than one principal *and* a CA
       that will issue a certificate that encodes more than one of these
       principal names separated by a comma (typical CAs strongly constrain
       which principal names they will place in a certificate). This
       condition only applies to user-trusted CA keys in authorized_keys;
       the main certificate authentication path
       (TrustedUserCAKeys/AuthorizedPrincipalsFile) is not affected. Reported
       by Vladimir Tokarev (closes: #1132576).
     - CVE-2026-35385: scp(1): when downloading files as root in legacy (-O)
       mode and without the -p (preserve modes) flag set, scp did not clear
       setuid/setgid bits from downloaded files as one might typically
       expect. This bug dates back to the original Berkeley rcp program.
       Reported by Christos Papakonstantinou of Cantina and Spearbit (closes:
       #1132572).
     - CVE-2026-35387: sshd(8): fix incomplete application of
       PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms with regard
       to ECDSA keys. Previously if one of these directives contains any
       ECDSA algorithm name (say "ecdsa-sha2-nistp384"), then any other ECDSA
       algorithm would be accepted in its place regardless of whether it was
       listed or not.  Reported by Christos Papakonstantinou of Cantina and
       Spearbit (closes: #1132574).
     - CVE-2026-35388: ssh(1): connection multiplexing confirmation
       (requested using "ControlMaster ask/autoask") was not being tested for
       proxy mode multiplexing sessions (i.e. "ssh -O proxy ..."). Reported
       by Michalis Vasileiadis (closes: #1132575).
   * Cherry-pick IPQoS handling updates from upstream:
     - Set default IPQoS for interactive sessions to Expedited Forwarding
       (EF).
     - Deprecate support for IPv4 type-of-service (TOS) IPQoS keywords.
     - Make ssh(1) and sshd(8) set IP QoS (aka IP_TOS, IPV6_TCLASS)
       continually at runtime based on what sessions/channels are open.
     - Correctly set extended type for client-side channels.  Fixes
       interactive vs bulk IPQoS for client->server traffic.

