CLSA-2026-1773161124
See a problem?- Import Source
- https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/debian10els/CLSA-2026-1773161124.json
- JSON Data
- https://api.osv.dev/v1/vulns/CLSA-2026-1773161124
- Upstream
- Published
- 2026-03-10T16:45:29Z
- Modified
- 2026-06-04T09:45:21.786906727Z
- Summary
- Fix CVE(s): CVE-2021-22876, CVE-2025-15079
- Details
-
- SECURITY UPDATE: acceptance of hosts not listed in specified knownhosts
file during SSH-based transfers
- debian/patches/CVE-2025-15079.patch: Set both knownhosts options to same file and fix surprises caused by libssh exposing separate KNOWNHOSTS and GLOBAL
- CVE-2025-15079
- Regenerate Server-localhost-lastSAN-sv test certificate with SHA-256
- debian/patches/regenerate-lastSAN-cert-sha256.patch: Fix "ca md too weak" error with OpenSSL 1.1.1+ by replacing SHA-1 signed certificate with SHA-256. Also fixes Makefile.am bug for lastSAN target.
- Update failed test
- debian/patches/26_CVE-2021-22876.patch: Update test to avoid using unsupported commands
- Update failed test
- debian/patches/fix-test323-errorcode.patch: two valid error codes now
- Disable some tests
- debian/rules: add option to disable tests marked as flaky, fail the build if any test fails
- debian/patches/add-flaky-to-test1592.patch: mark test1592 as flaky
- debian/patches/disable-nss-failing-tests.patch: libnsspem.so is not available on Debian 10
- Remove unsupported test:
- debian/patches/test8-verify-that-ctrl-byte-cookies-are-ignored.patch: no ctrl-byte-cookies are supported
- SECURITY UPDATE: acceptance of hosts not listed in specified knownhosts
file during SSH-based transfers
- References