[Git][security-tracker-team/security-tracker][master] add openssh commit references

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Dec 30 17:20:32 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
985d8415 by Moritz Muehlenhoff at 2025-12-30T18:15:34+01:00
add openssh commit references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -30241,6 +30241,7 @@ CVE-2025-61985 (ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:/
 	[bookworm] - openssh <no-dsa> (Minor issue)
 	[bullseye] - openssh <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://www.openwall.com/lists/oss-security/2025/10/06/1
+	NOTE: https://github.com/openssh/openssh-portable/commit/43b3bff47bb029f2299bacb6a36057981b39fdb0
 CVE-2025-61984 (ssh in OpenSSH before 10.1 allows control characters in usernames that ...)
 	- openssh 1:10.1p1-1 (bug #1117529)
 	[trixie] - openssh <no-dsa> (Minor issue)
@@ -30248,6 +30249,7 @@ CVE-2025-61984 (ssh in OpenSSH before 10.1 allows control characters in username
 	[bullseye] - openssh <postponed> (Minor issue; can be fixed in next update)
 	NOTE: https://www.openwall.com/lists/oss-security/2025/10/06/1
 	NOTE: https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984
+	NOTE: https://github.com/openssh/openssh-portable/commit/35d5917652106aede47621bb3f64044604164043
 CVE-2025-61778 (Akka.NET is a .NET port of the Akka project from the Scala / Java comm ...)
 	NOT-FOR-US: Akka.NET
 CVE-2025-61777 (Flag Forge is a Capture The Flag (CTF) platform. Starting in version 2 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/985d841546c34f02d6b862642e1fbd91dbee3aa1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/985d841546c34f02d6b862642e1fbd91dbee3aa1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251230/2a85ff4e/attachment.htm>

More information about the debian-security-tracker-commits mailing list