OpenSSH 10.3 released
OpenSSH 10.3 arrives with critical patches that fix command injection vulnerabilities capable of executing arbitrary shell commands through user names. The update enforces stricter certificate rules so an empty principals section fails authentication instead of acting as a dangerous wildcard. New escape sequences and multiplexing flags make debugging active connections significantly easier without killing background sessions. System administrators should prioritize this upgrade immediately because the patches close known exploitation paths in standard setups.
OpenSSH 10.3 has been released, featuring critical patches that address command injection vulnerabilities and enforce stricter certificate rules for improved security. The update also introduces new escape sequences and multiplexing flags to simplify debugging of active connections without disrupting background sessions. Notably, it tightens handling of empty principals in certificates, which could previously allow unauthorized access, and enhances validation for user and host names in ProxyJump options. System administrators are urged to prioritize this upgrade to close known exploitation paths and ensure server integrity.
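Because certificates with an empty principals section stop authenticating under the stricter rule, it helps to inventory them before upgrading. The following is an added example, not code from the OpenSSH project or from this announcement: it parses the text printed by `ssh-keygen -L` and lists every certificate whose principals section is empty. The file names, Key IDs and fingerprints in the sample are constructed, and the parser assumes the usual `ssh-keygen -L` layout in which an empty section is printed as `Principals: (none)`.

```shell
#!/bin/sh
# Added example (not OpenSSH project code): list certificates with no principals.
# Reads the text printed by `ssh-keygen -L -f <cert>` on stdin.
# Output: one line per match, tab-separated: source, cert type, Key ID.
find_empty_principals() {
    awk '
        # An unindented line ending in ":" names the certificate being printed.
        /^[^ ].*:$/  { src = $0; sub(/:$/, "", src); type = ""; keyid = ""; next }
        /^ +Type:/   { type = ($0 ~ /host certificate/) ? "host" : "user"; next }
        /^ +Key ID:/ { keyid = $0; sub(/^ +Key ID: */, "", keyid); next }
        # "(none)" on the Principals line means the principals section is empty.
        /^ +Principals: *\(none\) *$/ { printf "%s\t%s\t%s\n", src, type, keyid }
    '
}

# Constructed sample of `ssh-keygen -L` output; fingerprints are placeholders.
SAMPLE_OUTPUT='deploy-cert.pub:
        Type: ssh-ed25519-cert-v01@openssh.com user certificate
        Public key: ED25519-CERT SHA256:PLACEHOLDER
        Signing CA: ED25519 SHA256:PLACEHOLDER (using ssh-ed25519)
        Key ID: "deploy-bot"
        Serial: 7
        Valid: forever
        Principals: (none)
        Critical Options: (none)
        Extensions:
                permit-pty
alice-cert.pub:
        Type: ssh-ed25519-cert-v01@openssh.com user certificate
        Key ID: "alice"
        Principals:
                alice
        Critical Options: (none)
build-host-cert.pub:
        Type: ssh-ed25519-cert-v01@openssh.com host certificate
        Key ID: "build01"
        Principals: (none)
        Critical Options: (none)'

# Demo run on the constructed sample.
printf '%s\n' "$SAMPLE_OUTPUT" | find_empty_principals
```

On a real system, pipe the output of `ssh-keygen -L -f` for each issued certificate into `find_empty_principals` and reissue any certificate it reports with explicit principals.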
