Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
6a3b6db0 by Salvatore Bonaccorso at 2026-07-08T09:25:54+02:00
Add new opessh issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,25 +19,33 @@ CVE-2026-7380 (Improper neutralization of Script-Related 
HTML tags in a web page
 CVE-2026-6101 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for 
WordPress is ...)
        NOT-FOR-US: WordPress plugin
 CVE-2026-60002 (ssh in OpenSSH before 10.4 can have a use-after-free when a 
server cha ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-60001 (sshd in OpenSSH before 10.4 does not always honor the minimum 
authenti ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-60000 (sshd in OpenSSH before 10.4 allows remote attackers to cause a 
denial  ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-5799 (Authorization bypass through User-Controlled key vulnerability 
in Idvl ...)
        TODO: check
 CVE-2026-5730 (Authorization bypass through User-Controlled key vulnerability 
in Idvl ...)
        TODO: check
 CVE-2026-59999 (In sshd in OpenSSH before 10.4, DisableForwarding=yes was 
supposed to  ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-59998 (sshd in OpenSSH before 10.4 has an undocumented 
security-relevant beha ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-59997 (internal-sftp in sshd in OpenSSH before 10.4 recognizes only 
the first ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-59996 (scp in OpenSSH before 10.4 may place a file in the parent 
directory of ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-59995 (sftp in OpenSSH before 10.4 does not properly constrain the 
location o ...)
-       TODO: check
+       - openssh 1:10.4p1-1
+       NOTE: https://www.openssh.org/releasenotes.html#10.4p1
 CVE-2026-59800 (9Router before 0.4.44 contains an OS command injection 
vulnerability i ...)
        TODO: check
 CVE-2026-59709 (Ghostfolio's PUT 
/api/v1/portfolio/holding/:dataSource/:symbol/tags en ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a3b6db0cc1d59399fb4afc42d2cdfa459e22357

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a3b6db0cc1d59399fb4afc42d2cdfa459e22357
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to