Hello gophers,
We plan to issue a security fix for the
golang.org/x/crypto/ssh package in the
golang.org/x/crypto module on Monday, December 18th.
This will cover CVE-2023-48795.
Following our security policy, this is the pre-announcement of that fix.
Cheers,
Roland on behalf of the Go team