[CLSA-2026:1778602853] Fix CVE(s): CVE-2026-7598

Type:

security

Severity:

Critical

Release date:

2026-05-12 16:20:58 UTC

Description:

   * SECURITY UPDATE: fix integer overflow in username_len bounds checks across userauth_list, userauth_password and password change paths in src/userauth.c
     - debian/patches/CVE-2026-7598.patch: fix integer overflow in username_len bounds checks across userauth_list, userauth_password and password change paths in src/userauth.c
     - CVE-2026-7598

Updated packages:

libssh2-1_1.8.0-1ubuntu0.1+tuxcare.els1_amd64.deb
sha:9f1829d3dc4e634bb4e64b269ceeafe99ba15c4d
libssh2-1-dev_1.8.0-1ubuntu0.1+tuxcare.els1_amd64.deb
sha:e65715c6dbdd6e753075697965ac49d64d457a59

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.