{"schema_version":"1.7.2","id":"OESA-2025-1550","modified":"2025-05-23T14:00:23Z","published":"2025-05-23T14:00:23Z","upstream":["CVE-2025-32728"],"summary":"openssh security update","details":"OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \\ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \\ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \\ capabilities, several authentication methods, and sophisticated configuration options.\r\n\r\nSecurity Fix(es):\n\nIn sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.(CVE-2025-32728)","affected":[{"package":{"ecosystem":"openEuler:22.03-LTS-SP4","name":"openssh","purl":"pkg:rpm/openEuler/openssh\u0026distro=openEuler-22.03-LTS-SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.8p1-35.oe2203sp4"}]}],"ecosystem_specific":{"aarch64":["openssh-8.8p1-35.oe2203sp4.aarch64.rpm","openssh-askpass-8.8p1-35.oe2203sp4.aarch64.rpm","openssh-clients-8.8p1-35.oe2203sp4.aarch64.rpm","openssh-debuginfo-8.8p1-35.oe2203sp4.aarch64.rpm","openssh-debugsource-8.8p1-35.oe2203sp4.aarch64.rpm","openssh-keycat-8.8p1-35.oe2203sp4.aarch64.rpm","openssh-server-8.8p1-35.oe2203sp4.aarch64.rpm","pam_ssh_agent_auth-0.10.4-4.35.oe2203sp4.aarch64.rpm"],"noarch":["openssh-help-8.8p1-35.oe2203sp4.noarch.rpm"],"src":["openssh-8.8p1-35.oe2203sp4.src.rpm"],"x86_64":["openssh-8.8p1-35.oe2203sp4.x86_64.rpm","openssh-askpass-8.8p1-35.oe2203sp4.x86_64.rpm","openssh-clients-8.8p1-35.oe2203sp4.x86_64.rpm","openssh-debuginfo-8.8p1-35.oe2203sp4.x86_64.rpm","openssh-debugsource-8.8p1-35.oe2203sp4.x86_64.rpm","openssh-keycat-8.8p1-35.oe2203sp4.x86_64.rpm","openssh-server-8.8p1-35.oe2203sp4.x86_64.rpm","pam_ssh_agent_auth-0.10.4-4.35.oe2203sp4.x86_64.rpm"]}}],"references":[{"type":"ADVISORY","url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1550"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32728"}],"database_specific":{"severity":"Medium"}}