[Git][security-tracker-team/security-tracker][master] Add CVE-2025-8277/libssh

Tue, 09 Sep 2025 13:39:49 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a61d3916 by Salvatore Bonaccorso at 2025-09-09T22:39:12+02:00
Add CVE-2025-8277/libssh

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -24,7 +24,9 @@ CVE-2025-8712 (Missing authorization in Ivanti Connect Secure 
before 22.7R2.9 or
 CVE-2025-8711 (CSRF in Ivanti Connect Secure before 22.7R2.9 or 22.8R2, Ivanti 
Policy ...)
        NOT-FOR-US: Ivanti
 CVE-2025-8277 (A flaw was found in libssh's handling of key exchange (KEX) 
processes  ...)
-       TODO: check
+       - libssh <unfixed>
+       NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2383888
+       NOTE: https://www.libssh.org/security/advisories/CVE-2025-8277.txt
 CVE-2025-8008 (A security issue exists in the protected mode of EN4TR devices, 
where  ...)
        NOT-FOR-US: Rockwell Automation
 CVE-2025-8007 (A security issue exists in the protected mode of 1756-EN4TR and 
1756-E ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a61d3916e0bd2d555a183f19bec71938c6656abc

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a61d3916e0bd2d555a183f19bec71938c6656abc
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to