Source: openssh Version: 1:7.3p1-5 Severity: important Tags: security upstream
Hi, the following vulnerability was published for openssh. CVE-2016-10009[0]: |ssh-agent(1): load PKCS#11 modules from paths outside a trusted |whitelist If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2016-10009 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009 Please adjust the affected versions in the BTS as needed. Note, I'm opening individual bugs for the four assigned CVEs. The reason is that is is not yet triaged if the set of common affected versions is the same for all. This allows us to track the CVEs in BTS. Regards, Salvatore
