UbuntuUpdates.org

Package "google-guest-agent"

Name: google-guest-agent

Description:

Google Compute Engine Guest Agent
Latest version: 20250116.00-0ubuntu1~24.04.3
Release: noble (24.04)
Level: security
Repository: main
Homepage: https://github.com/GoogleCloudPlatform/guest-agent

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "google-guest-agent"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "google-guest-agent" in Noble

Repository Area Version
base main 20240213.00-0ubuntu3
updates main 20250116.00-0ubuntu1~24.04.3

Changelog

Version: 20250116.00-0ubuntu1~24.04.3 2026-01-13 10:07:46 UTC

  google-guest-agent (20250116.00-0ubuntu1~24.04.3) noble-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/extra/vendor/golang.org/x/crypto was patched
      with a backport of e79546e28b85ea53dd37afe1c4102746ef553b9c in file
      ssh/ssh_gss.go.
    - debian/extra/vendor adding patches-applied and README.txt for
      track/documentation propose about patches applied in vendored sources.
    - CVE-2025-58181

 -- Nishit Majithia <email address hidden> Fri, 09 Jan 2026 16:41:44 +0530
Source diff to previous version
CVE-2025-58181 SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause u

Version: 20250116.00-0ubuntu1~24.04.2 2025-11-03 13:07:15 UTC

  google-guest-agent (20250116.00-0ubuntu1~24.04.2) noble-security; urgency=medium

  * SECURITY UPDATE: Authorization bypass in SSH protocol
    - debian/extra/vendor/golang.org/x/crypto/ssh/server.go: Change
      maxCachedPubKeys to 1 and change limit checks. Based on:
      https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909
    - CVE-2024-45337

 -- Hlib Korzhynskyy <email address hidden> Thu, 23 Oct 2025 15:17:27 -0230
Source diff to previous version
CVE-2024-45337 Applications and libraries which misuse connection.serverAuthenticate (via callback field ServerConfig.PublicKeyCallback) may be susceptible to an au

Version: 20250116.00-0ubuntu1~24.04.1 2025-06-26 05:06:59 UTC

  google-guest-agent (20250116.00-0ubuntu1~24.04.1) noble-security; urgency=medium

  * No change rebuild due to golang-1.22 update

 -- Evan Caville <email address hidden> Thu, 19 Jun 2025 16:16:44 +1000
Source diff to previous version

Version: 20240716.00-0ubuntu1~24.04.1 2024-10-24 08:07:02 UTC

  google-guest-agent (20240716.00-0ubuntu1~24.04.1) noble-security; urgency=medium

  * No change rebuild due to golang-1.22 update

 -- Evan Caville <email address hidden> Thu, 24 Oct 2024 10:22:49 +1000
Source diff to previous version

Version: 20240213.00-0ubuntu3.2 2024-07-16 13:07:08 UTC

  google-guest-agent (20240213.00-0ubuntu3.2) noble-security; urgency=medium

  * No change rebuild due to golang-1.22 update

 -- Nishit Majithia <email address hidden> Tue, 16 Jul 2024 12:27:26 +0530


About   -   Send Feedback to @ubuntu_updates