Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
80c613e8 by Salvatore Bonaccorso at 2023-12-19T08:07:08+01:00
Add erlang for CVE-2023-48795
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,6 +101,7 @@ CVE-2023-46447 [Rogue Session Attack in AsyncSSH]
NOTE: https://terrapin-attack.com/
CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions,
found in O ...)
- dropbear <unfixed>
+ - erlang <unfixed>
- golang-go.crypto <unfixed>
- libssh <unfixed>
- libssh2 <unfixed>
@@ -112,6 +113,7 @@ CVE-2023-48795 (The SSH transport protocol with certain
OpenSSH extensions, foun
NOTE: https://terrapin-attack.com/
NOTE: https://www.openwall.com/lists/oss-security/2023/12/18/3
NOTE: dropbear:
https://github.com/mkj/dropbear/commit/6e43be5c7b99dbee49dc72b6f989f29fdd7e9356
+ NOTE: Erlang/OTP:
https://github.com/erlang/otp/commit/ee67d46285394db95133709cef74b0c462d665aa
(OTP-24.3.4.15, OTP-25.3.2.8, OTP-26.2.1)
NOTE: golang.org/x/crypto/ssh:
https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
NOTE: golang.org/x/crypto/ssh: https://github.com/golang/go/issues/64784
NOTE: golang.org/x/crypto/ssh:
https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
(v0.17.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80c613e85d0f408dbb11a1757feaf0da64db2208
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80c613e85d0f408dbb11a1757feaf0da64db2208
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
