[Pkg-erlang-devel] Bug#1059002: Bug#1059002: erlang: CVE-2023-48795
Sergei Golovan
sgolovan at gmail.com
Tue Dec 19 09:12:27 GMT 2023
Hi Salvatore,
On Tue, Dec 19, 2023 at 11:24 AM Salvatore Bonaccorso <carnil at debian.org> wrote:
>
> Source: erlang
> Version: 1:25.2.3+dfsg-1
> Severity: important
> Tags: security upstream
> X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
>
> Hi,
>
> The following vulnerability was published for erlang.
>
> CVE-2023-48795[0]:
Reading the latest announcement on the Erlang mailing list I've found
that there is an update of ssh in Erlang 25 which addresses
CVE-2023-48795:
https://erlang.org/pipermail/erlang-announce/2023-December/000260.html
I will try to backport these changes to Erlang currently in stable if
it's necessary. As for the unstable, the newest version will fix this
as well.
Cheers!
--
Sergei Golovan
More information about the Pkg-erlang-devel
mailing list