Source: libssh Version: 0.10.4-2 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 0.9.3-1 Control: found -1 0.9.5-1+deb11u1
Hi, The following vulnerabilities were published for libssh. CVE-2023-1667[0]: | Potential NULL dereference during rekeying with algorithm guessing CVE-2023-2283[1]: | Authorization bypass in pki_verify_data_signature If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2023-1667 https://www.cve.org/CVERecord?id=CVE-2023-1667 https://www.libssh.org/security/advisories/CVE-2023-1667.txt [1] https://security-tracker.debian.org/tracker/CVE-2023-2283 https://www.cve.org/CVERecord?id=CVE-2023-2283 https://www.libssh.org/security/advisories/CVE-2023-2283.txt Regards, Salvatore