File _patchinfo of Package patchinfo.33331

<patchinfo incident="33331">
  <issue tracker="bnc" id="1218871">SLES 15 SP4 MaintWeb - ssh closes /dev/z90crypt file handle too early for ssh login attempts</issue>
  <issue tracker="bnc" id="1216474">SLES 15 SP5 - openssh clients unable to use local accelerator cards via openssl-ibmca</issue>
  <issue tracker="bnc" id="1221123">Hostbased ssh login fails occasionally with " ... signature unverified: incorrect signature"</issue>
  <issue tracker="bnc" id="1222831">openssh 9.6 now uses the system crypto-policies</issue>
  <packager>alarrosa</packager>
  <rating>moderate</rating>
  <category>recommended</category>
  <summary>Recommended update for openssh</summary>
  <description>This update for openssh fixes the following issues:

- Fix hostbased ssh login failing occasionally with "signature
  unverified: incorrect signature" by fixing a typo in patch (bsc#1221123)
- Avoid closing IBM Z crypto devices nodes. (bsc#1218871)
- Allow usage of IBM Z crypto adapter cards in seccomp filters (bsc#1216474)

- Change the default value of UpdateHostKeys to Yes (unless
  VerifyHostKeyDNS is enabled).

  This makes ssh update the known_hosts stored keys with all published
  versions by the server (after it's authenticated with an existing
  key), which will allow to identify the server with a different key if
  the existing key is considered insecure at some point in the future
  (bsc#1222831).
</description>
</patchinfo>