CVE-2026-35414 where is the patch

Damien Miller djm at mindrot.org
Fri Apr 10 08:10:19 AEST 2026

Previous message (by thread): CVE-2026-35414 where is the patch
Next message (by thread): Request regarding CHAN_INPUT_MAX
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 9 Apr 2026, Zoltan Fridrich via openssh-unix-dev wrote:

> Hello,
> 
> I am looking to patch CVE-2026-35414 but looking through the upstream
> commits I am unsure which one contains the fix.
> The commit that even remotely sounds related to the CVE is 5166b6c.
> Can somebody confirm that this is the fix for the CVE-2026-35414?

fd1c7e131f3 auth2-pubkeyfile.c

Previous message (by thread): CVE-2026-35414 where is the patch
Next message (by thread): Request regarding CHAN_INPUT_MAX
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the openssh-unix-dev mailing list