Description of the patch:
This update for amazon-ssm-agent fixes the following issues
Update to version 3.3.4624.0:
- CVE-2025-22869: golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh
(bsc#1239342).
- CVE-2025-22870: golang.org/x/net/proxy: proxy bypass using IPv6 zone IDs (bsc#1238702).
- CVE-2025-47913: golang.org/x/crypto/ssh/agent: client process termination when receiving an unexpected message type in
response to a key listing or signing request (bsc#1253611).
- CVE-2026-1229: the CombinedMult function in the ecc/p384 package produces an incorrect value for specific inputs
(bsc#1265474).
- CVE-2026-25934: github.com/go-git/go-git/v5: improper verification of data integrity values for .pack and .idx files
can lead to the consumption of corrupted files (bsc#1258095).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege esca (bsc#1266781).
- CVE-2026-41506: github.com/go-git/go-git/v5: HTTP authentication credential leak when following redirects during
smart-HTTP clone and fetch operations (bsc#1264952).
- CVE-2026-44740: github.com/go-git/go-billy/v5: improper input handling in many components can lead to DoS via infinite
loops, panics or resource consumption (bsc#1267332).
- CVE-2026-39827: Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh (bsc#1266200).
- CVE-2026-39828: Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh (bsc#1266200).
- CVE-2026-39829: Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh (bsc#1266200).
- CVE-2026-39830: Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh
(bsc#1266200).
- CVE-2026-39831: Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh
(bsc#1266200).
- CVE-2026-39832: Invoking agent constraints dropped when...