Previously, CVE-2024-45337 fixed an authorization bypass
for misused ssh server configurations; if any other type
of callback is passed other than public key, then the
source-address validation would be skipped.
This is CVE-2026-46595 and Go issue https://go.dev/issue/79570.
This was a PRIVATE track issue, tracked in http://b/497232232.
Previously, CVE-2024-45337 fixed an authorization bypass
for misused ssh server configurations; if any other type
of callback is passed other than public key, then the
source-address validation would be skipped.
This is CVE-2026-46595 and Go issue https://go.dev/issue/79570.
This was a PRIVATE track issue, tracked in http://b/497232232.