openssh (1:8.4p1-5+deb11u2) bullseye; urgency=medium * Cherry-pick from OpenSSH 9.3p2: - [CVE-2023-38408] Fix a condition where specific libraries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket (closes: #1042460). -- Colin Watson <email address hidden> Sat, 23 Sep 2023 23:13:51 +0100