[Deepin Integration]~[v25-Release] fix(golang-go.crypto): CVE-2025-22869, CVE-2025-47913, CVE-2025-58181 by deepin-ci-robot@deepin-community/golang-go.crypto by deepin-community-ci-bot[bot]

[deepin-bot]

Package information | 软件包信息

包名	版本
golang-go.crypto	1:0.14.0-1deepin1

Package repository address | 软件包仓库地址

deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-4045/testing/ ./

Changelog | 更新信息

golang-go.crypto (1:0.14.0-1deepin1) unstable; urgency=medium

• Fix CVE-2025-22869: ssh: limit the size of the internal packet queue
  while waiting for KEX to prevent memory exhaustion.
• Fix CVE-2025-47913: verify that RSA public key is odd before
  performing RSA encryption to prevent panic.
• Fix CVE-2025-58181: ssh: close connection on malformed channel data
  to prevent potential DoS.
• Skip DSA-related tests that fail with OpenSSH 9.9p2 which has
  removed DSA (ssh-dss) support.

[deepin-bot]

Integration Test Info

Test suggestion | 测试建议

Influence | 影响范围

ADDITIONAL INFORMATION | 额外补充

[deepin-bot]

IntegrationProjector Notify the author
@deepin: Integrated issue updated

[deepin-bot]

IntegrationProjector Bot
Deepin Testing Integration Project Manager Info
Link to deepin-community/Repository-Integration#4045