[Git][security-tracker-team/security-tracker][master] Track fixed issues in openssh via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 19 05:19:35 GMT 2023 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
42f14593 by Salvatore Bonaccorso at 2023-12-19T06:18:34+01:00
Track fixed issues in openssh via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35,11 +35,11 @@ CVE-2023-5348 (The Product Catalog Mode For WooCommerce WordPress plugin before
 CVE-2023-5005 (The Autocomplete Location field Contact Form 7 WordPress plugin before ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-51385 (In ssh in OpenSSH before 9.6, OS command injection might occur if a us ...)
-	- openssh <unfixed>
+	- openssh 1:9.6p1-1
 	NOTE: https://www.openwall.com/lists/oss-security/2023/12/18/2
 	NOTE: https://github.com/openssh/openssh-portable/commit/7ef3787c84b6b524501211b11a26c742f829af1a (V_9_6_P1)
 CVE-2023-51384 (In ssh-agent in OpenSSH before 9.6, certain destination constraints ca ...)
-	- openssh <unfixed>
+	- openssh 1:9.6p1-1
 	NOTE: https://www.openwall.com/lists/oss-security/2023/12/18/2
 	NOTE: https://github.com/openssh/openssh-portable/commit/881d9c6af9da4257c69c327c4e2f1508b2fa754b (V_9_6_P1)
 CVE-2023-50372 (Cross-Site Request Forgery (CSRF) vulnerability in Hiroaki Miyashita C ...)
@@ -102,7 +102,7 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun
 	- golang-go.crypto <unfixed>
 	- libssh <unfixed>
 	- libssh2 <unfixed>
-	- openssh <unfixed>
+	- openssh 1:9.6p1-1
 	- paramiko <unfixed>
 	- putty 0.80-1
 	- proftpd-dfsg <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42f14593586f5ad8ca64cd56a87ff09f30249941

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/42f14593586f5ad8ca64cd56a87ff09f30249941
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231219/e379bfa5/attachment.htm>

More information about the debian-security-tracker-commits mailing list