-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 23 Sep 2023 23:11:33 +0100 Source: openssh Architecture: source Version: 1:9.2p1-2+deb12u1 Distribution: bookworm Urgency: medium Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org> Changed-By: Colin Watson <cjwatson@debian.org> Closes: 1042460 Changes: openssh (1:9.2p1-2+deb12u1) bookworm; urgency=medium . * Cherry-pick from OpenSSH 9.3p2: - [CVE-2023-38408] Fix a condition where specific libraries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket (closes: #1042460). Checksums-Sha1: bec06185ba96f1bd9d2196811969c51fc6210516 3352 openssh_9.2p1-2+deb12u1.dsc 29179a345fc4b31133e212c8dcb9499807957bb4 184920 openssh_9.2p1-2+deb12u1.debian.tar.xz Checksums-Sha256: 908406c2173d3bf99d0283606c841f08f48d9533b27aeab689b9c454b28e535c 3352 openssh_9.2p1-2+deb12u1.dsc 416584c486be53038afa618d8bd6605a6d0b54706ea89a911b3d4b8e0abfc3f8 184920 openssh_9.2p1-2+deb12u1.debian.tar.xz Files: d7947ab3a7f20ca168e65aa93e601ac8 3352 net standard openssh_9.2p1-2+deb12u1.dsc a3bc2d1eceb611608505ecea4cb84a0e 184920 net standard openssh_9.2p1-2+deb12u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAmUPYsoACgkQOTWH2X2G UAvZ0A/9FqmBbxiskM9InH3Zvf7fmIABhAHWwudauK+qsaxTJGgC+I0V33kPl7L5 eOQo808LIEv99485sNxJFni1KXV1lMy9wwJ9kw8Clc5i7OFKaNLfO6WpD98CAXh6 AId6n6fsrolYafiuIcDU4YWpflGdBdtEJvrT3WCcOJFHgxrJMAmMexDYy8XZcFRn EVW3fhlOjSJIJL8fgFuHbPlbO6Gvwr/lwwU0Sjik6LSDOS1KatUwtYu9NLPNRBRr MshIScga74hLqM62SpQ/YEl88FYgPBs9Q7BmidPVfLwzVtLhoFbVa+G7fiOYyKa/ rTB+v3LXVmfd6QvJqlJViUbcLYysZXFHWUF8dpwMqmrU23AIHYRT1gLphrJ5AgMv YfPd3//3ebOHQS9FrD4pjuREBztJoh84rCN5gFdiVt8wUl2rwMK5LV3LQapf9Y2C UHDHZ6HQjznN8CX6qgXY5D+LQjpu4PMANlAfCQw/gVohe/8LR1tEIvV58vYiqJCD XC/Tb+CygbW1/XAcOZAvLsfuBb1fK+B43pA517hHyd6Wez4hy3PWWiN7x0kmSPbS VnmoQ2LgxfsotKNdJ5R0lXLKfCpNvR2xOfY27koMKq8uI5ZLpMbvVITV5T0tFOJm mSpF8lNU3GbJ0PcSGADwYCSrPSTiV9SvJV2oJ0+PYFHtOiXpO+A= =znYS -----END PGP SIGNATURE-----