Alerts This Week
Warning Icon 1 1,529
Alerts This Week
Warning Icon 1 1,529

Fedora 44 opkssh Primary SSH Command Problems and Denial of Service Threats

fedora
Calendar Grey July 1, 2026
Dist Fedora Esm H88
Update for Fedora 44 addressing important security issues in opkssh. Critical updates for OpenPubkey SSH functionality.
Update bundled golang.org/x/crypto to 0.53.0

Summary

OpenPubkey SSH is a tool which enables ssh to be used with OpenID Connect

allowing SSH access to be managed via identities like alice@example.com instead

of long-lived SSH keys.

Update Information:

Update bundled golang.org/x/crypto to 0.53.0

Change Log

* Mon Jun 22 2026 Till Hofmann - 0.14.0-3 - Update bundled golang.org/x/crypto to 0.53.0

References


[ 1 ] Bug #2489950 - CVE-2026-39828 opkssh: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2489950 [ 2 ] Bug #2490498 - CVE-2026-39830 opkssh: golang.org/x/crypto/ssh: Denial of Service via resource leak from unsolicited SSH responses [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2490498

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-7794729685' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: opkssh
Product: Fedora 44
Version: 0.14.0
Release: 3.fc44
Summary: OpenPubkey SSH

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here