SUSE Package Hub - openSUSE-2025-451

Update Info

openSUSE-2025-451

Security update for act

Type: security

Severity: important

Issued: 2025-12-01

Description:

This update for act fixes the following issues:

- CVE-2025-47913: Prevent panic in embedded golang.org/x/crypto/ssh/agent client when
  receiving unexpected message types for key listing or signing requests (boo#1253608)

References

CVE: CVE-2025-47913
Bugzilla: 1253608 VUL-0: CVE-2025-47913: act: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in response to a key listing or signing request

Packages

act-0.2.45-bp156.2.3.1