SUSE Package Hub - SUSE-PackageHub-16.0-packagehub-41

Update Info

SUSE-PackageHub-16.0-packagehub-41

Security update for act

Type: security

Severity: important

Issued: 2025-12-04

Description:

This update for act fixes the following issues:

- CVE-2025-47913: Prevent panic in embedded golang.org/x/crypto/ssh/agent client when
  receiving unexpected message types for key listing or signing requests (boo#1253608)

References

CVE: CVE-2025-47913
Bugzilla: 1253608 VUL-0: CVE-2025-47913: act: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request

Packages

act-0.2.64-bp160.2.1