[Deepin Integration]~[v25-Release] Fix CVE-2025-32728, CVE-2025-61984, CVE-2025-61985, CVE-2026-3497 by UTsweetyfish@deepin-community/openssh by deepin-community-ci-bot[bot]

[deepin-bot]

Package information | 软件包信息

包名	版本
openssh	1:9.9p2-0deepin5

Package repository address | 软件包仓库地址

deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-3822/testing/ ./

Changelog | 更新信息

openssh (1:9.9p2-0deepin5) unstable; urgency=medium

• Apply patches from upstream:
  • d/p/0033-upstream-Fix-logic-error-in-DisableForwarding-option.patch
    Fixes: CVE-2025-32728
  • d/p/0034-upstream-Make-a-copy-of-the-user-when-handling-ssh-l.patch
    Fixes a UAF by xstrdup(optarg)
  • d/p/0035-upstream-Improve-rules-for-expansion-of-username.patch
    Fixes: CVE-2025-61984
  • d/p/0036-upstream-don-t-allow-0-characters-in-url-encoded-str.patch
    d/p/0037-Add-more-username-validity-checks.patch
    Fixes: CVE-2025-61985
  • d/p/gssapi.patch
    Fixes: CVE-2026-3497

[deepin-bot]

Integration Test Info

Test suggestion | 测试建议

Influence | 影响范围

ADDITIONAL INFORMATION | 额外补充

[deepin-bot]

IntegrationProjector Notify the author
@UTsweetyfish: Integrated issue updated

[deepin-bot]

IntegrationProjector Bot
Deepin Testing Integration Project Manager Info
Link to deepin-community/Repository-Integration#3822