VUL-0: CVE-2023-48795: openssh: prefix truncation breaking ssh channel integrity aka Terrapin Attack VUL-0: CVE-2023-51385: openssh: command injection via user name or host name metacharacters VUL-0: CVE-2024-6387: openssh: regression of CVE-2006-5051 VUL-0: CVE-2024-39894: openssh: timing attacks against echo-off password entry alarrosa critical security

Security update for openssh

This update for openssh fixes the following issues: - CVE-2024-39894: Fixed timing attacks against echo-off password entry (bsc#1227318) - CVE-2024-6387: Fixed race condition in a signal handler (bsc#1226642). openssh openssh:openssh-askpass-gnome