OPENSUSE-SU-2026:20851-1 Security update for putty

This update for putty fixes the following issues: Changes in putty: - Update to release 0.84 Fixed a remotely triggerable double-free in RSA key exchange. Fixed a remotely triggerable crash assertion failure - program termination in NIST ECDSA signature verification. Fixed marking of Telnet and...

EUVD-2023-27847

Malicious code in bioql PyPI...

Authentication flaw

An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed an unauthorized actor to modify other users' secret gists by authenticating through an SSH certificate authority. To do so, a user had to know the secret gist's URL. This vulnerability affected all...

PT-2023-19186 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions prior to 3.9 Description: An improper authentication issue was identified that allowed unauthorized modification of other users' secret gists by authenticating through an SSH certificate authority, provided t...

Uber: pam_ussh does not properly validate the SSH certificate authority

The pamussh module that Uber open-sourced in https://github.com/uber/pam-ussh does not validate that the SSH certificate presented by a user is actually signed by a trusted CA listed in the configured cafile...

Uber Debuts SSH Key Authentication Module

Developers at Uber have unveiled a new module to help users enable the continuous re-authentication of SSH keys. The company wrote the module in order to work alongside another tool, a SSH Certificate Authority it designed, to keep stock of public SSH keys. While its CA is for its internal use,...