Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ccb041b9 by Salvatore Bonaccorso at 2025-02-18T10:01:50+01:00 Add new openssh issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,17 @@ +CVE-2025-26466 [Denial of Service: asymmetric resource consumption of memory and CPU] + - openssh <unfixed> + [bookworm] - openssh <not-affected> (Vulnerable code introduced later) + [bullseye] - openssh <not-affected> (Vulnerable code introduced later) + NOTE: https://www.openssh.com/releasenotes.html#9.9p2 + NOTE: https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt + NOTE: Introduced with: https://github.com/openssh/openssh-portable/commit/dce6d80d2ed3cad2c516082682d5f6ca877ef714 (V_9_5_P1) + NOTE: Fixed by: https://github.com/openssh/openssh-portable/commit/6ce00f0c2ecbb9f75023dbe627ee6460bcec78c2 (V_9_9_P1) +CVE-2025-26465 [MitM] + - openssh <unfixed> + NOTE: https://www.openssh.com/releasenotes.html#9.9p2 + NOTE: https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt + NOTE: Introduced with: https://github.com/openssh/openssh-portable/commit/5e39a49930d885aac9c76af3129332b6e772cd75 (V_6_8_P1) + NOTE: Fixed by: https://github.com/openssh/openssh-portable/commit/0832aac79517611dd4de93ad0a83577994d9c907 (V_9_9_P1) CVE-2025-25224 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5 ...) NOT-FOR-US: LuxCal Web Calendar CVE-2025-25223 (The LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb041b9493cc1038ee0381d4d486e56d47a8e70 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccb041b9493cc1038ee0381d4d486e56d47a8e70 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
