Accepting request 1165554 from home:alarrosa:branches:network
- Add missing bugzilla/CVE references to the changelog OBS-URL: https://build.opensuse.org/request/show/1165554 OBS-URL: https://build.opensuse.org/package/show/network/openssh?expand=0&rev=260
This commit is contained in:
Git OBS Bridge
parent
b0b10ece31
commit
2f5a8dd315
@ -1,3 +1,8 @@
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 5 11:10:18 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
|
||||
|
||||
- Add missing bugzilla/CVE references to the changelog
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Apr 4 12:23:13 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
|
||||
|
||||
@ -297,14 +302,14 @@ Wed Sep 27 06:28:57 UTC 2023 - Thorsten Kukuk <kukuk@suse.com>
|
||||
-------------------------------------------------------------------
|
||||
Fri Jul 21 02:48:58 UTC 2023 - Simon Lees <sflees@suse.de>
|
||||
|
||||
- Update to openssh 9.3p2 (bsc#1213504, CVE-2023-38408):
|
||||
- Update to openssh 9.3p2:
|
||||
Security
|
||||
========
|
||||
|
||||
Fix CVE-2023-38408 - a condition where specific libaries loaded via
|
||||
Fix a condition where specific libaries loaded via
|
||||
ssh-agent(1)'s PKCS#11 support could be abused to achieve remote
|
||||
code execution via a forwarded agent socket if the following
|
||||
conditions are met:
|
||||
conditions are met (bsc#1213504, CVE-2023-38408):
|
||||
|
||||
* Exploitation requires the presence of specific libraries on
|
||||
the victim system.
|
||||
@ -1060,7 +1065,7 @@ Tue Sep 28 17:50:57 UTC 2021 - Hans Petter Jansson <hpj@suse.com>
|
||||
|
||||
Depending on system configuration, inherited groups may allow
|
||||
AuthorizedKeysCommand/AuthorizedPrincipalsCommand helper programs to
|
||||
gain unintended privilege.
|
||||
gain unintended privilege (bsc#1190975, CVE-2021-41617).
|
||||
|
||||
Neither AuthorizedKeysCommand nor AuthorizedPrincipalsCommand are
|
||||
enabled by default in sshd_config(5).
|
||||
@ -1259,7 +1264,7 @@ Tue Sep 28 17:50:57 UTC 2021 - Hans Petter Jansson <hpj@suse.com>
|
||||
* ssh-agent(1): fixed a double-free memory corruption that was
|
||||
introduced in OpenSSH 8.2 . We treat all such memory faults as
|
||||
potentially exploitable. This bug could be reached by an attacker
|
||||
with access to the agent socket.
|
||||
with access to the agent socket (bsc#1183137, CVE-2021-28041)
|
||||
|
||||
= Potentially-incompatible changes
|
||||
* ssh(1), sshd(8): this release changes the first-preference signature
|
||||
@ -2288,7 +2293,9 @@ Tue Oct 9 11:01:40 UTC 2018 - Tomáš Chvátal <tchvatal@suse.com>
|
||||
* openssh-7.7p1-fips.patch
|
||||
* openssh-7.7p1-cavstest-ctr.patch
|
||||
* openssh-7.7p1-cavstest-kdf.patch
|
||||
* openssh-7.7p1-fips_checks.patch
|
||||
* openssh-7.7p1-fips_checks.patch . Close the right
|
||||
filedescriptor to avoid fd leads, and also close fdh in
|
||||
read_hmac (bsc#1209536).
|
||||
* openssh-7.7p1-seed-prng.patch
|
||||
* openssh-7.7p1-systemd-notify.patch
|
||||
* openssh-7.7p1-gssapi_key_exchange.patch
|
||||
|
||||
Loading…
Reference in New Issue
Block a user