Go-tuf Improperly handles multiple key IDs for the same public keys in attacker-controlled metadata

Issue If an attacker is able to control a threshold of keys to insert the same public key more than once with different key IDs into signed, trusted metadata on a TUF repository, then go-tuf clients 0.3.2 are susceptible to an attack where attackers can cause the same signature from the same publ...

openssh security and bug fix update

5.3p1-122 - Allow to use ibmca crypto hardware 1397547 - CVE-2015-8325: privilege escalation via user's PAM environment and UseLogin=yes 1405374 5.3p1-121 - Fix missing hmac-md5-96 from server offer 1373836 5.3p1-120 - Prevent infinite loop when Ctrl+Z pressed at password prompt 1218424 - Remove...