[Git][security-tracker-team/security-tracker][master] Reference commit from OpenSSH implementing strict key exchange
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Dec 18 17:05:56 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6bca640a by Salvatore Bonaccorso at 2023-12-18T18:05:03+01:00
Reference commit from OpenSSH implementing strict key exchange
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,6 +7,7 @@ CVE-2023-48795 [General Protocol Flaw]
NOTE: https://terrapin-attack.com/
NOTE: https://www.openwall.com/lists/oss-security/2023/12/18/3
NOTE: OpenSSH: https://www.openwall.com/lists/oss-security/2023/12/18/2
+ NOTE: OpenSSH (strict key exchange): https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 (V_9_6_P1)
CVE-2023-41314
NOT-FOR-US: Apache Doris
CVE-2023-6909 (Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bca640aef34ad1e8bdc447a5c6a0879bf697cb5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6bca640aef34ad1e8bdc447a5c6a0879bf697cb5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231218/a50f2955/attachment.htm>
More information about the debian-security-tracker-commits
mailing list