Overview

File _patchinfo of Package patchinfo.41558

<patchinfo incident="41558">
  <issue tracker="cve" id="2025-61984"/>
  <issue tracker="cve" id="2025-61985"/>
  <issue tracker="bnc" id="1251198">VUL-0: CVE-2025-61984: openssh: code execution via control characters in usernames when a ProxyCommand is used</issue>
  <issue tracker="bnc" id="1251199">VUL-0: CVE-2025-61985: openssh: code execution via '\0' character in ssh:// URI when a ProxyCommand is used</issue>
  <packager>hpjansson</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for openssh</summary>
  <description>This update for openssh fixes the following issues:

- CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used (bsc#1251198)
- CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used (bsc#1251199)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places