forgejo/modules
Gusted 3e1b03838e
fix: ensure correct ssh public key is used for authentication
- The root cause is described in b4f1988a35
- Move to a fork of `github.com/gliderlabs/ssh` that exposes the
permissions that were chosen by `x/crypto/ssh` after successfully
authenticating, this is the recommended mitigation by the Golang
security team. The fork exposes this, since `gliderlabs/ssh` instead
relies on context values to do so, which is vulnerable to the same
attack, although partially mitigated by the fix in `x/crypto/ssh` it
would not be good practice and defense in depth to rely on it.
- Existing tests cover that the functionality is preserved.
- No tests are added to ensure it fixes the described security, the
exploit relies on non-standard SSH behavior it would be too hard to
craft SSH packets to exploit this.
2024-12-12 05:54:07 +01:00
..
actions
activitypub
analyze
assetfs
auth
avatar
base
cache
card
charset
container
csv
emoji
eventsource
forgefed
generate
git
gitgraph
gitrepo
graceful
hcaptcha
highlight
hostmatcher
html
httpcache
httplib
indexer
issue/template
json
keying
label
lfs Use 8 as default value for git lfs concurrency (#32421) 2024-12-06 00:17:57 +01:00
log
markup
mcaptcha
metrics
migration
nosql
optional
options
packages Add support for indexing arch files 2024-12-09 11:34:50 +08:00
paginator
pprof
private
process
proxy
proxyprotocol
public
queue
recaptcha
references
regexplru
repository
secret
session
setting Use 8 as default value for git lfs concurrency (#32421) 2024-12-06 00:17:57 +01:00
sitemap
ssh fix: ensure correct ssh public key is used for authentication 2024-12-12 05:54:07 +01:00
storage
structs
svg
sync
system
templates
test
testlogger
timeutil
translation
turnstile
typesniffer
updatechecker
uri
user
util
validation
web
webhook
zstd