File _patchinfo of Package patchinfo.37539
<patchinfo incident="37539">
<issue tracker="bnc" id="1201750">L3-Question: backport HostKeyAlgorithms rsa-sha2-256,rsa-sha2-512</issue>
<issue tracker="bnc" id="1220110">openssh update does reset sshd service status</issue>
<issue tracker="bnc" id="1161684">sshd deadlock when AuthorizedKeysCommand produces a lot of output ref:_00D1igLOd._5001iKI9IG:ref</issue>
<issue tracker="bnc" id="1148566">L3-Question: oracle cluster issue with cluvfy using "scp" failing/missinterpreted after upgrading ref:_00D1igLOd._5001iKKNzK:ref</issue>
<issue tracker="bnc" id="1225637">OpenSSH fix request to login with teraterm</issue>
<issue tracker="bnc" id="1237040">VUL-0: CVE-2025-26465: openssh,openssh8.4: MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client</issue>
<issue tracker="cve" id="2025-26465"/>
<issue tracker="jsc" id="SLE-24929"/>
<issue tracker="jsc" id="SLE-24949"/>
<packager>alarrosa</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for openssh</summary>
<description>This update for openssh fixes the following issues:
- CVE-2025-26465: Fixed a MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (bsc#1237040).
Other bugfixes:
- Write active/enabled switch over files only if not yet present (bsc#1220110).
- Add patch backported from upstream to add an s390-specific ioctl for ECC hardware support (bsc#1225637).
- Add conflicts with openssh8.4-(server|clients|common) packages to make the downgrading from openssh 8.4 back to 7.2 easier (SLE-24929, bsc#1201750).
- Fix a class of false alarms due to filename validation (bsc#1148566).
- Fix a deadlock when AuthorizedKeysCommand or AuthorizedPrincipalsCommand produces a lot of output and a key is matched early (bsc#1161684).
</description>
</patchinfo>