A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.

Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh

A malicious SSH peer could send unsolicited global request responses t ...

golang.org/x/crypto/ssh: Invoking client can cause server deadlock on unexpected responses

Important: buildah security update

ELSA-2026-29455: buildah security update (IMPORTANT)

Security update for hauler

Security update for trivy

Security update for apptainer

Security update for google-osconfig-agent

Security update for google-osconfig-agent

Security update for keybase-client

Security update for apptainer

Security update for trivy

Security update for amazon-ssm-agent

Security update for amazon-ssm-agent

Security update for google-guest-agent

Security update for google-guest-agent