[Git][security-tracker-team/security-tracker][master] Add note about regression introduced by CVE-2023-6004/libssh fixes
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Dec 22 12:24:04 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8adfd481 by Salvatore Bonaccorso at 2023-12-22T13:23:09+01:00
Add note about regression introduced by CVE-2023-6004/libssh fixes
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5688,6 +5688,8 @@ CVE-2023-6004
NOTE: https://gitlab.com/libssh/libssh-mirror/-/commit/62d3101c1f76b6891b70c50154e0e934d6b8cb57 (libssh-0.10.6)
NOTE: https://gitlab.com/libssh/libssh-mirror/-/commit/cea841d71c025f9c998b7d5fc9f2a2839df62921 (libssh-0.10.6)
NOTE: https://gitlab.com/libssh/libssh-mirror/-/commit/2c492ee179d5caa2718c5e768bab6e0b2b64a8b0 (libssh-0.10.6)
+ NOTE: Original patchset introduces a regression (with IPv6 parsing in ssh_options_set API):
+ NOTE: https://gitlab.com/libssh/libssh-mirror/-/issues/227
CVE-2023-5983 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: Botanik Software Pharmacy Automation
CVE-2023-5921 (Improper Enforcement of Behavioral Workflow vulnerability in DECE Soft ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8adfd481cb27641a59b435d2f82b7f0ff6b22092
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8adfd481cb27641a59b435d2f82b7f0ff6b22092
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231222/857008a6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list