Format: 1.8 Date: Tue, 02 Jan 2024 11:54:04 -0500 Source: openssh Binary: openssh-client openssh-server openssh-sftp-server openssh-tests ssh-askpass-gnome Built-For-Profiles: noudeb Architecture: riscv64 riscv64_translations Version: 1:8.9p1-3ubuntu0.6 Distribution: jammy Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot openssh-tests - OpenSSH regression tests ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad Changes: openssh (1:8.9p1-3ubuntu0.6) jammy-security; urgency=medium . * SECURITY UPDATE: incomplete PKCS#11 destination constraints - debian/patches/CVE-2023-51384.patch: apply destination constraints to all p11 keys in ssh-agent.c. - CVE-2023-51384 * SECURITY UPDATE: command injection via shell metacharacters - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in ssh.c. - CVE-2023-51385 Checksums-Sha1: b575764e2f93d6b6450e5a579e1d091c7db32327 3647282 openssh-client-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb ebafdb654ffe25efe3c01e249951c236ceca07fb 810894 openssh-client_8.9p1-3ubuntu0.6_riscv64.deb 0810100c58aaacccda514dd148b0a73fccd44eee 921874 openssh-server-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 1ddf19cd847f1f5e6cbbf11d3a4b3e072dff6f3a 426134 openssh-server_8.9p1-3ubuntu0.6_riscv64.deb 3eb79a9e4e47ad4928cc0e4007723c17d201ba5b 165990 openssh-sftp-server-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb c8bfb456ad59ef847733bc78ca51ef001ab5de2f 60122 openssh-sftp-server_8.9p1-3ubuntu0.6_riscv64.deb 050ec9abdc4592a339c14f2475bfb6af4a7bd316 2897244 openssh-tests-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 4537851b28cbd443da0389c30c529cd5352f78c5 1179318 openssh-tests_8.9p1-3ubuntu0.6_riscv64.deb 3c411488bfd7130c30f04c75fbe079d7b7399c43 18750 openssh_8.9p1-3ubuntu0.6_riscv64.buildinfo fc8994136e827771a961152abc17a5ccd2f3ddf7 8515 openssh_8.9p1-3ubuntu0.6_riscv64_translations.tar.gz efae116b70859d77d2bd6e99e97834d0119247a3 17064 ssh-askpass-gnome-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 097408e985b4a90eb75264aa15bfc60f44a72ba5 17284 ssh-askpass-gnome_8.9p1-3ubuntu0.6_riscv64.deb Checksums-Sha256: 08ea22bdf075bd47b08477a1616e11871c67d8fd7bfb3b4ccb1fba3a5d9cba09 3647282 openssh-client-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb d2ef715772257c787f3ab8bedd0cef131bf83854c24f2110bc6d5586c2ef1407 810894 openssh-client_8.9p1-3ubuntu0.6_riscv64.deb 392ce2d9629ac0cf7f92ddad60f51792952fda41981d8bd56fbbb3c4d939047a 921874 openssh-server-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 1259faec9ab016501a1a6b8128a42e2ccf47d8b71e8d75fc49d5a7b7390d43cb 426134 openssh-server_8.9p1-3ubuntu0.6_riscv64.deb dce594afcc4c64db383d0b922a96f765fcecdc720a18b6587b895d492a47c242 165990 openssh-sftp-server-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 452b92496c03f6ea264e9feb30f943646d4e0d3b4b07d18d56c0f702c9aa78f6 60122 openssh-sftp-server_8.9p1-3ubuntu0.6_riscv64.deb 62d7a5957e67a207a1383bea87dac3e6143cc32a4f9c6aa76710cd3b14cdd48d 2897244 openssh-tests-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 243d9771ee18032c4de68c27fb0fb3a5005e0cf5487357e0cdaee60a56267a0f 1179318 openssh-tests_8.9p1-3ubuntu0.6_riscv64.deb 13a3c82f178fe6d34f3755b2966f00fa19a558aed07fdae2719d318a42f9156f 18750 openssh_8.9p1-3ubuntu0.6_riscv64.buildinfo 37d23f9aebf4124c4c9bd8088aa0109ed4ea106ca613b4e9fa18a183ad96e120 8515 openssh_8.9p1-3ubuntu0.6_riscv64_translations.tar.gz a90075b37a1ca0d0fa50dd6c403d14ea5dce39202173daaacb7ace60498a766b 17064 ssh-askpass-gnome-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 5108b43d3329a1801304871b40d4876d24deee824697e9838669ea3619a83998 17284 ssh-askpass-gnome_8.9p1-3ubuntu0.6_riscv64.deb Files: 3fff551c8bd8c181756db5ec5a8ab34a 3647282 debug optional openssh-client-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 27ba798dcf239bfbbe6fc6efd5aa21a2 810894 net standard openssh-client_8.9p1-3ubuntu0.6_riscv64.deb f171430dde1f584cef3abe9d8ba3b6a8 921874 debug optional openssh-server-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb fcb350f3963d0e30f88e074e2cef32d9 426134 net optional openssh-server_8.9p1-3ubuntu0.6_riscv64.deb ae63d93c507452d00a143d2427665d86 165990 debug optional openssh-sftp-server-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 7297a82802d848ed11c83a7ce100e52b 60122 net optional openssh-sftp-server_8.9p1-3ubuntu0.6_riscv64.deb 539160b056fae581b3d2c3b2d713d132 2897244 debug optional openssh-tests-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb 15cd8997af90f418811fc40ce1fccaba 1179318 net optional openssh-tests_8.9p1-3ubuntu0.6_riscv64.deb a9859a84c55538432ddfce1afec7007d 18750 net standard openssh_8.9p1-3ubuntu0.6_riscv64.buildinfo 703fba812504d3f50f4f691650ab0cf8 8515 raw-translations - openssh_8.9p1-3ubuntu0.6_riscv64_translations.tar.gz 78b7a933e05d2e7de9d8569c95e14e50 17064 debug optional ssh-askpass-gnome-dbgsym_8.9p1-3ubuntu0.6_riscv64.ddeb f5af7c87996bffabaa1c6098e19ae578 17284 gnome optional ssh-askpass-gnome_8.9p1-3ubuntu0.6_riscv64.deb Original-Maintainer: Debian OpenSSH Maintainers