mirror of
git://slackware.nl/current.git
synced 2024-12-29 10:25:00 +01:00
b9cb99a88e
patches/packages/curl-8.2.0-x86_64-1_slack15.0.txz: Upgraded.
  This update fixes a security issue:
  fopen race condition.
  For more information, see:
    https://curl.se/docs/CVE-2023-32001.html
    https://www.cve.org/CVERecord?id=CVE-2023-32001
  (* Security fix *)
patches/packages/openssh-9.3p2-x86_64-1_slack15.0.txz: Upgraded.
  This update fixes a security issue:
  ssh-agent(1) in OpenSSH between 5.5 and 9.3p1 (inclusive): remote code
  execution relating to PKCS#11 providers.
  The PKCS#11 support ssh-agent(1) could be abused to achieve remote code
  execution via a forwarded agent socket if the following conditions are met:
  * Exploitation requires the presence of specific libraries on the victim
    system.
  * Remote exploitation requires that the agent was forwarded to an
    attacker-controlled system.
  Exploitation can also be prevented by starting ssh-agent(1) with an empty
  PKCS#11/FIDO allowlist (ssh-agent -P '') or by configuring an allowlist that
  contains only specific provider libraries.
  This vulnerability was discovered and demonstrated to be exploitable by the
  Qualys Security Advisory team.
  Potentially-incompatible changes:
  * ssh-agent(8): the agent will now refuse requests to load PKCS#11 modules
    issued by remote clients by default. A flag has been added to restore the
    previous behaviour: "-Oallow-remote-pkcs11".
  For more information, see:
    https://www.openssh.com/txt/release-9.3p2
    https://www.cve.org/CVERecord?id=CVE-2023-38408
  (* Security fix *)
11 lines
672 B
Text
openssh: openssh (Secure Shell daemon and clients)
openssh:
openssh: ssh (Secure Shell) is a program for logging into a remote machine and
openssh: for executing commands on a remote machine. It is intended to replace
openssh: rlogin and rsh, and provide secure encrypted communications between
openssh: two untrusted hosts over an insecure network. sshd (SSH Daemon) is
openssh: the daemon program for ssh. OpenSSH is based on the last free version
openssh: of Tatu Ylonen's SSH, further enhanced and cleaned up by Aaron
openssh: Campbell, Bob Beck, Markus Friedl, Niels Provos, Theo de Raadt, and
openssh: Dug Song. It has a homepage at http://www.openssh.com/
openssh: