[Git][security-tracker-team/security-tracker][master] Add Debian bug references for openssh issues
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Apr 3 10:07:16 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2444c006 by Salvatore Bonaccorso at 2026-04-03T11:06:49+02:00
Add Debian bug references for openssh issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -195,19 +195,19 @@ CVE-2026-3872 (A flaw was found in Keycloak. This issue allows an attacker, who
CVE-2026-3692 (In Progress Flowmon versions prior to 12.5.8, a vulnerability exists w ...)
NOT-FOR-US: Progress Software
CVE-2026-35414 (OpenSSH before 10.3 mishandles the authorized_keys principals option i ...)
- - openssh <unfixed>
+ - openssh <unfixed> (bug #1132576)
NOTE: https://www.openssh.org/releasenotes.html#10.3p1
CVE-2026-35388 (OpenSSH before 10.3 omits connection multiplexing confirmation for pro ...)
- - openssh <unfixed>
+ - openssh <unfixed> (bug #1132575)
NOTE: https://www.openssh.org/releasenotes.html#10.3p1
CVE-2026-35387 (OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of an ...)
- - openssh <unfixed>
+ - openssh <unfixed> (bug #1132574)
NOTE: https://www.openssh.org/releasenotes.html#10.3p1
CVE-2026-35386 (In OpenSSH before 10.3, command execution can occur via shell metachar ...)
- - openssh <unfixed>
+ - openssh <unfixed> (bug #1132573)
NOTE: https://www.openssh.org/releasenotes.html#10.3p1
CVE-2026-35385 (In OpenSSH before 10.3, a file downloaded by scp may be installed setu ...)
- - openssh <unfixed>
+ - openssh <unfixed> (bug #1132572)
NOTE: https://www.openssh.org/releasenotes.html#10.3p1
CVE-2026-35168 (OpenSTAManager is an open source management software for technical ass ...)
NOT-FOR-US: OpenSTAManager
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2444c0066d27c1a4d13ac164bad2fcfe0ebb73d4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2444c0066d27c1a4d13ac164bad2fcfe0ebb73d4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260403/a675e2cf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list