Format: 1.8 Date: Tue, 02 Jan 2024 11:33:40 -0500 Source: openssh Binary: openssh-client openssh-server openssh-sftp-server openssh-tests ssh-askpass-gnome Built-For-Profiles: noudeb Architecture: riscv64 riscv64_translations Version: 1:9.3p1-1ubuntu3.2 Distribution: mantic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot openssh-tests - OpenSSH regression tests ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad Changes: openssh (1:9.3p1-1ubuntu3.2) mantic-security; urgency=medium . * SECURITY UPDATE: incomplete PKCS#11 destination constraints - debian/patches/CVE-2023-51384.patch: apply destination constraints to all p11 keys in ssh-agent.c. - CVE-2023-51384 * SECURITY UPDATE: command injection via shell metacharacters - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in ssh.c. - CVE-2023-51385 Checksums-Sha1: 15ff1105e51f077037342ef3340096c17d7c1d75 3679154 openssh-client-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb d0595a018e55b66e7f40ff69dcf4cd58ba3f2cd2 945788 openssh-client_9.3p1-1ubuntu3.2_riscv64.deb 6624329d57165133c2d1ff6b81996a26a560bf30 931792 openssh-server-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb b4e4415b05234b07c458b670d5824cd9b395cb27 485568 openssh-server_9.3p1-1ubuntu3.2_riscv64.deb dfa5edda0dbac13980ca3c47f65c14211a7421a8 164452 openssh-sftp-server-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb c1c2a5ed843f93c70fed64528f9594c4e7d9aa89 71272 openssh-sftp-server_9.3p1-1ubuntu3.2_riscv64.deb c4c12c4eb7a28535fb64e072a8937c9fdebaf145 2850776 openssh-tests-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb ae861cd8be16963c696aec68c4fc0297fa100e71 1261440 openssh-tests_9.3p1-1ubuntu3.2_riscv64.deb 71e98bc6a7319147c5d65a3765b71a69abdaafc7 18104 openssh_9.3p1-1ubuntu3.2_riscv64.buildinfo a8ff96bfd516e2ce04f3b78b5a2735a35458298d 9798 openssh_9.3p1-1ubuntu3.2_riscv64_translations.tar.gz 1971125c6f873ab00b913f8ec30ee32fef5481cd 17156 ssh-askpass-gnome-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 4da14f1c7598cc8814375fd7577f0ce2af60f791 18096 ssh-askpass-gnome_9.3p1-1ubuntu3.2_riscv64.deb Checksums-Sha256: 376db85e20456eb778194c686ee646d06b8e92050f97bff806a2e039920f1d49 3679154 openssh-client-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 6bd3593220ae79f971c81d22c98f88cbcf99f8b56b64ebb190023a253ab5d557 945788 openssh-client_9.3p1-1ubuntu3.2_riscv64.deb 59b182e06847d1dbef9a839fdc3ea187466f521de9af37c8e3d58ea6ee5314f6 931792 openssh-server-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 56e2636971bce6b2be90f19db882110acdd4e2abc6f5b9e027e6e6ee3c4f0cb7 485568 openssh-server_9.3p1-1ubuntu3.2_riscv64.deb 94e5665581a0d81cde0ea8c67433db68ce159945f7f39e60dff2e5aa244c5ab3 164452 openssh-sftp-server-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 03614e6b34fb2c62f11d563681835f9232b46fb2ee17d791a0cabaabe92eb11a 71272 openssh-sftp-server_9.3p1-1ubuntu3.2_riscv64.deb 2a7ebdedf6162341d87cc1947738a191d0a07566933be2361aab9f0907911a90 2850776 openssh-tests-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 568713944cd944baa9637a370762a2f61f2cf30969b0e844aa609f6d40c29967 1261440 openssh-tests_9.3p1-1ubuntu3.2_riscv64.deb bf24cbdc925dac16b2ac7e1fe23efc43af35413c6a587ac98f778122223c1610 18104 openssh_9.3p1-1ubuntu3.2_riscv64.buildinfo a6e347980c29b1e754290ad4e3542fd95c4015c3c15d55d09b7490217d3fa90c 9798 openssh_9.3p1-1ubuntu3.2_riscv64_translations.tar.gz dc00f04c81c551aac2033fb56c341befc4947c0b6c6e45d5169a44796f1dbf90 17156 ssh-askpass-gnome-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 724a84a49b749213a0e65af779d5bdee19df9faa31753ad0cd7a23c343474c66 18096 ssh-askpass-gnome_9.3p1-1ubuntu3.2_riscv64.deb Files: 895da0794cf41e4493c119561c0035aa 3679154 debug optional openssh-client-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 3a5595e694286d6528b7012c1d79b847 945788 net standard openssh-client_9.3p1-1ubuntu3.2_riscv64.deb 47f02ccd75378b7b201674e25e34e9fe 931792 debug optional openssh-server-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 3abfe2ae03e1b1eb4fc13e6da202dcb2 485568 net optional openssh-server_9.3p1-1ubuntu3.2_riscv64.deb 35505eb5c1bfa4f46e06404b165b3cb3 164452 debug optional openssh-sftp-server-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 43ab10ce94413f5cbe0f550d18b332f7 71272 net optional openssh-sftp-server_9.3p1-1ubuntu3.2_riscv64.deb 8fad3e683714e1afa59dfb1f038b0f4f 2850776 debug optional openssh-tests-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb 99f36cc36fc85e2ae9c34bf7e7e53a58 1261440 net optional openssh-tests_9.3p1-1ubuntu3.2_riscv64.deb 154bb852dd7f253b8cfafb8d995e37fb 18104 net standard openssh_9.3p1-1ubuntu3.2_riscv64.buildinfo 1c42c557f8701644de303c0f5859e77f 9798 raw-translations - openssh_9.3p1-1ubuntu3.2_riscv64_translations.tar.gz 083f3b60dbf937b912d788659718f3b7 17156 debug optional ssh-askpass-gnome-dbgsym_9.3p1-1ubuntu3.2_riscv64.ddeb ef2d4994b0d6878a1b3abaf78cb079b7 18096 gnome optional ssh-askpass-gnome_9.3p1-1ubuntu3.2_riscv64.deb Original-Maintainer: Debian OpenSSH Maintainers