diff mbox series

[scarthgap,v2] openssh: fix CVE-2026-35386

Message ID 20260611135043.1463501-1-adarsh.jagadish.kamini@est.tech
State New
Headers show
Series [scarthgap,v2] openssh: fix CVE-2026-35386 | expand

Commit Message

Adarsh Jagadish Kamini June 11, 2026, 1:50 p.m. UTC 
From: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>

CVE-2026-35386 is already fixed by the existing CVE-2025-61984 backport.

Rename CVE-2025-61984.patch to CVE-2025-61984_CVE-2026-35386.patch and
add the second CVE tag to document that one patch covers both CVEs.

https://nvd.nist.gov/vuln/detail/CVE-2026-35386

Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
---
 ...CVE-2025-61984.patch => CVE-2025-61984_CVE-2026-35386.patch} | 2 +-
 meta/recipes-connectivity/openssh/openssh_9.6p1.bb              | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
 rename meta/recipes-connectivity/openssh/openssh/{CVE-2025-61984.patch => CVE-2025-61984_CVE-2026-35386.patch} (99%)
diff mbox series

Patch

diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2025-61984.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2025-61984_CVE-2026-35386.patch
similarity index 99%
rename from meta/recipes-connectivity/openssh/openssh/CVE-2025-61984.patch
rename to meta/recipes-connectivity/openssh/openssh/CVE-2025-61984_CVE-2026-35386.patch
index f705410b24..7fcb02d613 100644
--- a/meta/recipes-connectivity/openssh/openssh/CVE-2025-61984.patch
+++ b/meta/recipes-connectivity/openssh/openssh/CVE-2025-61984_CVE-2026-35386.patch
@@ -32,7 +32,7 @@  Slightly modified since variable expansion of user names was
 first released in 10.0, commit bd30cf784d6e8"
 
 Upstream-Status: Backport [Upstream commit https://github.com/openssh/openssh-portable/commit/35d5917652106aede47621bb3f64044604164043]
-CVE: CVE-2025-61984
+CVE: CVE-2025-61984 CVE-2026-35386
 Signed-off-by: David Nyström <david.nystrom@est.tech>
 ---
  ssh.c | 26 +++++++++++++++++++++++---
diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
index a1b5d4a553..ea158b56b4 100644
--- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
+++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb
@@ -33,7 +33,7 @@  SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar
            file://CVE-2025-26465.patch \
            file://CVE-2025-32728.patch \
            file://CVE-2025-61985.patch \
-           file://CVE-2025-61984.patch \
+           file://CVE-2025-61984_CVE-2026-35386.patch \
            file://CVE-2026-35385.patch \
            file://CVE-2026-35387.patch \
            file://CVE-2026-35388.patch \