pool/mcphost
SHA256
16
0
Fork 0
Code Issues Pull Requests Activity
Files
factory
mcphost/vendor.tar.gz
Egbert Eich d7bcf5b155 - Fix CVEs 
* GO-2025-4135 (CVE-2025-47914)
    SSH Agent servers do not validate the size of messages
    when processing new identity requests, which may cause
    the program to panic if the message is malformed due to
    an out of bounds read.
  * GO-2025-4116 (CVE-2025-47913)
    SSH clients receiving SSH_AGENT_SUCCESS when expecting a
    typed response will panic and cause early termination of
    the client process.
  * GO-2025-4134 (CVE-2025-58181, bsc#1253952).
    SSH servers parsing GSSAPI authentication
    requests do not validate the number of mechanisms
    specified in the request, allowing an attacker to cause
    unbounded memory consumption.

Signed-off-by: Egbert Eich <eich@suse.com>
2026-01-06 19:13:44 +01:00

4 lines
133 BLFS
Plaintext
Raw Permalink Blame History

version https://git-lfs.github.com/spec/v1
oid sha256:892f290db7cbaf6efb3415fc4004ae1cc451de652cbe745047deaf7da14e95e3
size 11343509
Reference in New Issue View Git Blame Copy Permalink