Index: /branches/rel_ag_9_4_5/openssh/CVE-2023-48795.patch
===================================================================
--- /branches/rel_ag_9_4_5/openssh/CVE-2023-48795.patch	(revision 0)
+++ /branches/rel_ag_9_4_5/openssh/CVE-2023-48795.patch	(working copy)
@@ -0,0 +1,37 @@
+--- myproposal.h	2017-03-20 10:39:27.000000000 +0800
++++ myproposal-mod.h	2026-03-10 11:53:45.000000000 +0800
+@@ -117,7 +117,6 @@
+ /* the actual algorithms */
+ 
+ #define KEX_SERVER_ENCRYPT \
+-	"chacha20-poly1305@openssh.com," \
+ 	"aes128-ctr,aes192-ctr,aes256-ctr" \
+ 	AESGCM_CIPHER_MODES
+ 
+@@ -125,11 +124,6 @@
+ 	"aes128-cbc,aes192-cbc,aes256-cbc"
+ 
+ #define KEX_SERVER_MAC \
+-	"umac-64-etm@openssh.com," \
+-	"umac-128-etm@openssh.com," \
+-	"hmac-sha2-256-etm@openssh.com," \
+-	"hmac-sha2-512-etm@openssh.com," \
+-	"hmac-sha1-etm@openssh.com," \
+ 	"umac-64@openssh.com," \
+ 	"umac-128@openssh.com," \
+ 	"hmac-sha2-256," \
+@@ -147,14 +141,8 @@
+ 	"ssh-ed25519-cert-v01@openssh.com," \
+ 	"ssh-ed25519"
+ #define	KEX_SERVER_ENCRYPT \
+-	"chacha20-poly1305@openssh.com," \
+ 	"aes128-ctr,aes192-ctr,aes256-ctr"
+ #define	KEX_SERVER_MAC \
+-	"umac-64-etm@openssh.com," \
+-	"umac-128-etm@openssh.com," \
+-	"hmac-sha2-256-etm@openssh.com," \
+-	"hmac-sha2-512-etm@openssh.com," \
+-	"hmac-sha1-etm@openssh.com," \
+ 	"umac-64@openssh.com," \
+ 	"umac-128@openssh.com," \
+ 	"hmac-sha2-256," \
Index: /branches/rel_ag_9_4_5/openssh/Makefile
===================================================================
--- /branches/rel_ag_9_4_5/openssh/Makefile	(revision 20606)
+++ /branches/rel_ag_9_4_5/openssh/Makefile	(working copy)
@@ -16,6 +16,7 @@
 		./configure --prefix=/ca --with-ssh1 --with-zlib=../$(ZLIB_PKG) --with-ssl-dir=../openssl;\
 		patch < ../array_patch;\
 		patch < ../diff_CVE_2018_15473.patch; \
+		patch < ../CVE-2023-48795.patch; \
 	fi
 
 	cp sshd_config $(SSH_PKG)/