Hello gophers,
Version v0.0.0-20211202192323-5770296d904e of
golang.org/x/crypto fixes a vulnerability in the
golang.org/x/crypto/ssh package which allowed unauthenticated clients to cause a panic in SSH servers.
This issue was discovered and reported by Rod Hynes, Psiphon Inc., and is tracked as CVE-2021-43565 and
Issue #49932.
Roland on behalf of the Go team