HCE3-SA-2025-0221 Low HCE 3.0 Security Fix(es): ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.) (CVE-2025-61984) ssh in OpenSSH before 10.1 allows the _x27;\0_x27; character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used. (CVE-2025-61985) HCE 3.0 openssh-9.6p1-3.r19.hce3.x86_64.rpm openssh-askpass-9.6p1-3.r19.hce3.x86_64.rpm openssh-clients-9.6p1-3.r19.hce3.x86_64.rpm openssh-help-9.6p1-3.r19.hce3.noarch.rpm openssh-keycat-9.6p1-3.r19.hce3.x86_64.rpm openssh-server-9.6p1-3.r19.hce3.x86_64.rpm pam_ssh_agent_auth-0.10.4-5.3.r19.hce3.x86_64.rpm openssh-9.6p1-3.r19.hce3.aarch64.rpm openssh-askpass-9.6p1-3.r19.hce3.aarch64.rpm openssh-clients-9.6p1-3.r19.hce3.aarch64.rpm openssh-keycat-9.6p1-3.r19.hce3.aarch64.rpm openssh-server-9.6p1-3.r19.hce3.aarch64.rpm pam_ssh_agent_auth-0.10.4-5.3.r19.hce3.aarch64.rpm