#Debian once again introduced a security flaw to #OpenSSH with their custom patches applied to Debian OpenSSH packages 🥳

"Jeremy Brown discovered a flaw in the GSSAPI Key Exchange patch applied in Debian to OpenSSH, an implementation of the SSH protocol suite, affecting non-default configurations with the GSSAPIKeyExchange setting enabled. A remote attacker can take advantage of this flaw to cause a denial of service, or potentially the execution of arbitrary code."

https://lists.debian.org/debian-security-announce/2026/msg00114.html

#itsecurity

[SECURITY] [DSA 6204-1] openssh security update

Who still remembers the #Debian RNG patch disaster??

https://nvd.nist.gov/vuln/detail/cve-2008-0166

I just realized this will very soon be 18 (eighteen) years ago! 😲 Feeling old yet?
