Publishing details

• Published on 2023-10-07

Changelog

openssh (1:8.4p1-5+deb11u2) bullseye; urgency=medium

  * Cherry-pick from OpenSSH 9.3p2:
    - [CVE-2023-38408] Fix a condition where specific libraries loaded via
      ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code
      execution via a forwarded agent socket (closes: #1042460).

 -- Colin Watson <email address hidden>  Sat, 23 Sep 2023 23:13:51 +0100

Builds

Package files

• openssh_8.4p1-5+deb11u2.debian.tar.xz (176.9 KiB)
• openssh_8.4p1-5+deb11u2.dsc (3.3 KiB)
• openssh_8.4p1.orig.tar.gz (1.7 MiB)
• openssh_8.4p1.orig.tar.gz.asc (683 bytes)