-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 23 Sep 2023 23:13:51 +0100 Source: openssh Architecture: source Version: 1:8.4p1-5+deb11u2 Distribution: bullseye Urgency: medium Maintainer: Debian OpenSSH Maintainers <debian-ssh@lists.debian.org> Changed-By: Colin Watson <cjwatson@debian.org> Closes: 1042460 Changes: openssh (1:8.4p1-5+deb11u2) bullseye; urgency=medium . * Cherry-pick from OpenSSH 9.3p2: - [CVE-2023-38408] Fix a condition where specific libraries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket (closes: #1042460). Checksums-Sha1: 5c8715af36211ea95770b993a652644a70fc0801 3393 openssh_8.4p1-5+deb11u2.dsc 6ae5d2e17c2036ac074fe7b1041e4417f75c1047 181152 openssh_8.4p1-5+deb11u2.debian.tar.xz Checksums-Sha256: 85766be35d9e1d460e8117164a7a7d5f7347de5130718a7065098c8e6fc4e7bd 3393 openssh_8.4p1-5+deb11u2.dsc 72ab9d1e3186a3efbdbb792c9ae08daa4e965a219579482a23d743cfef0180cd 181152 openssh_8.4p1-5+deb11u2.debian.tar.xz Files: 65a6dabac79749aabb9c79450cd1e07e 3393 net standard openssh_8.4p1-5+deb11u2.dsc 7e2b10adce672e516ecc61f4dfa4ce4f 181152 net standard openssh_8.4p1-5+deb11u2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEErApP8SYRtvzPAcEROTWH2X2GUAsFAmUPYz4ACgkQOTWH2X2G UAuTeA//eFuMrBgW8963sFFyvyrlSWXvvm1RYd3iAqExGAne4JLCd8ZhIuiW9ETg gf3AUG2DDdcoLQjv9fgBEaRLHb35maFLJ+KAvp219MemhHoex8WiiQhA7riPolOI fPjuoJFm/0db3vU3CI0nlDYv6+gcS7YueoUFBH4OaCO518ShScxc6i4wwTsRlJdG cyp62DRJ7c7B1rLXqQxsb8NR9QpytUzg3Og2W04wGYPHN2wWnxw5dgmKoePAMM60 6RlG30w0SyjSReUneVy3r80UTMsAu5nx2Z91gFAcfBu9JFEoXGeZMwi2xQyts6Gm xfwJuvmFvFucwWFbSIFs5thzO79OPxzWZUsHUN6bfsEGTdYmsNn9dVz/NapTvERA AkCMKvfOcCko7w0Ktw4oakwQtoy/3f8xp9bZx/tqO4gUR1aTyahz73Hwnf4jeSrU N27dK9nzjNuOFialBTLRFYgIWX8HTN2Bn7sZD+sIrYPq5fbSwz9hjmTOdHrdAAS6 keAWGDsXWV+/oPT79cAO82m87pXnwWKbGMlYT9+7vFzi4q0cU4HNPoUA1Etpa+MG 65X/VMMZ2/Bo6kdjwekab6UIvdr7VOZrFhLac7ixa6rCxMMvV0Zhyax4ya3ghQkk 2RnsZ/AKB2f9sHZjqPkeoYKrcS2D2clgyv34L8miKUad39s9KfQ= =tReq -----END PGP SIGNATURE-----
