Accepting request 1166156 from home:alarrosa:branches:network

Add one more bsc/CVE reference OBS-URL: https://build.opensuse.org/request/show/1166156 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=261
2024-04-08 11:15:17 +00:00 · 2024-04-08 11:15:17 +00:00 · 2793e0783a
commit 2793e0783a
parent 2f5a8dd315
1 changed files with 2 additions and 1 deletions
--- a/openssh.changes
+++ b/openssh.changes
@ -50,7 +50,8 @@ Sun Feb 25 18:26:23 UTC 2024 - Hans Petter Jansson <hpj@suse.com>
    protocol by sending extra messages prior to the commencement of
    encryption, and deleting an equal number of consecutive messages
    immediately after encryption starts. A peer SSH client/server
-    would not be able to detect that messages were deleted.
+    would not be able to detect that messages were deleted
+    (bsc#1217950, CVE-2023-48795).
  * ssh-agent(1): when adding PKCS#11-hosted private keys while
    specifying destination constraints, if the PKCS#11 token returned
    multiple keys then only the first key had the constraints applied.