Format: 1.8 Date: Tue, 02 Jan 2024 12:13:02 -0500 Source: openssh Binary: openssh-client openssh-client-udeb openssh-server openssh-server-udeb openssh-sftp-server openssh-tests ssh-askpass-gnome Architecture: s390x s390x_translations Version: 1:8.2p1-4ubuntu0.11 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-client-udeb - secure shell client for the Debian installer (udeb) openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-server-udeb - secure shell server for the Debian installer (udeb) openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot openssh-tests - OpenSSH regression tests ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad Changes: openssh (1:8.2p1-4ubuntu0.11) focal-security; urgency=medium . * SECURITY UPDATE: Supplemental groups not initialized - debian/patches/CVE-2021-41617-1.patch: add initgroups() before setresgid() in auth.c. - debian/patches/CVE-2021-41617-2.patch: add grp.h in auth.c. - CVE-2021-41617 * SECURITY UPDATE: command injection via shell metacharacters - debian/patches/CVE-2023-51385.patch: ban user/hostnames with most shell metacharacters in ssh.c. - CVE-2023-51385 Checksums-Sha1: 3e5e03c57c3bdb574a388b5291e72b2c55223746 3967020 openssh-client-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 64b80e5267324df8ec7eade3d93480fae6bf7da6 285492 openssh-client-udeb_8.2p1-4ubuntu0.11_s390x.udeb 3d8234a9e8e8af050b48b0a7f639e59cf9d06342 623716 openssh-client_8.2p1-4ubuntu0.11_s390x.deb 751cbbda882c4c05da5c7b4b40af62cef0378725 1079884 openssh-server-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb f5dd636e6d864bf8c8bb722f895ce4aaebc9b930 306076 openssh-server-udeb_8.2p1-4ubuntu0.11_s390x.udeb dca44f87516680fe8af486ce3f076023fb3c3282 351000 openssh-server_8.2p1-4ubuntu0.11_s390x.deb 7707b5fe802555afbe11542ac643704571f494fd 162372 openssh-sftp-server-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 3b3b32fe7afb76f79720ca4052f90974e841f246 48376 openssh-sftp-server_8.2p1-4ubuntu0.11_s390x.deb a6db0ec0d67f560251659611d09c6160dc4b655f 2395284 openssh-tests-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 313a0feb179a61c5bbe31d1d50765e04d763ca45 635628 openssh-tests_8.2p1-4ubuntu0.11_s390x.deb ad2ee4858161c226fbca4bb6a6c15eee531dc345 19579 openssh_8.2p1-4ubuntu0.11_s390x.buildinfo 6b39e9c231717aa04121ecc8c71f9824f8324154 8496 openssh_8.2p1-4ubuntu0.11_s390x_translations.tar.gz ebc89a7a97ecb248961db0481caf23fa6fab3932 12780 ssh-askpass-gnome-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 277be53e1fb02d8feffe6940260333a072d86b72 17300 ssh-askpass-gnome_8.2p1-4ubuntu0.11_s390x.deb Checksums-Sha256: 20f3c38df39e180daf9259a52e11423c82f02e257122b2bcc63087a128905e31 3967020 openssh-client-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 2330a38036a20e17c60b932fb587a39e0508f4167c640c8249f0219f97ad6007 285492 openssh-client-udeb_8.2p1-4ubuntu0.11_s390x.udeb 1981b9ec2b6f8c69c1dfb709c90fefa5c90a047da62b22d7db4a14876ba26a55 623716 openssh-client_8.2p1-4ubuntu0.11_s390x.deb 94d0d14421340ae4d433316254b2a9367d7d52e1cda702b45d246d1b0de4f8c4 1079884 openssh-server-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 510d2d0664f21a0f7691e45364fea58b2470460038edc06685298ed032d288a1 306076 openssh-server-udeb_8.2p1-4ubuntu0.11_s390x.udeb 10b8f9c9555ccefc30c3553a46a97e06f1dbdfac1e4190eeb70225ec40dc1a55 351000 openssh-server_8.2p1-4ubuntu0.11_s390x.deb 1ad3679e017f47f1522318b543a11a6cd9c791baf592cbc428512bc5e0c3a6cd 162372 openssh-sftp-server-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 9d691333a784b766829826f1727ae828bfc52d935dd7915e992166e930260b14 48376 openssh-sftp-server_8.2p1-4ubuntu0.11_s390x.deb b0df2db0e1d884f434c8da4803de87a0ebcd37ab94d6c43b0e5905d3e7284c81 2395284 openssh-tests-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 0355b216954970ea02a3643af6beb1e18ebbdb88c159b47fe27d571c41898723 635628 openssh-tests_8.2p1-4ubuntu0.11_s390x.deb 8783b9693c9b34c38137667a2cd4dae1c4b9a96081a749b14120d4426014f4bf 19579 openssh_8.2p1-4ubuntu0.11_s390x.buildinfo a183d0afd74a88d44266a0fd5f48e5e4926d5fa266f9206bea0d085c9ab07ee6 8496 openssh_8.2p1-4ubuntu0.11_s390x_translations.tar.gz 50d3f10e168359b10d44b639521b4813d276b502f0d962a0928b5a4dc3856506 12780 ssh-askpass-gnome-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb e380a174595fc99d281dbb9fc34bfbaad1c49497b2313d474a8bd7eefa2a5e5c 17300 ssh-askpass-gnome_8.2p1-4ubuntu0.11_s390x.deb Files: c46dc6b68ec128f9f75489558f39d294 3967020 debug optional openssh-client-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb d8a1c487bc4cac4f0bc8de0866bde55c 285492 debian-installer optional openssh-client-udeb_8.2p1-4ubuntu0.11_s390x.udeb 8e0571ded48bffcd7aa82622b360c136 623716 net standard openssh-client_8.2p1-4ubuntu0.11_s390x.deb 6386aaf89d771bd552ee983f7a0ff431 1079884 debug optional openssh-server-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 0bd917c7bb1b30422ae57d3a080e6f60 306076 debian-installer optional openssh-server-udeb_8.2p1-4ubuntu0.11_s390x.udeb b416f2eb238cf5da43280406c776dd32 351000 net optional openssh-server_8.2p1-4ubuntu0.11_s390x.deb 3ed42c3d66652af9e732765e8b2b79c0 162372 debug optional openssh-sftp-server-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb d9354a06520480e78be8ecd800371e98 48376 net optional openssh-sftp-server_8.2p1-4ubuntu0.11_s390x.deb e5ff2997ebc7bf7e99c50855dab1f666 2395284 debug optional openssh-tests-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 3b9617a000da13568d5a6816bd7ef57d 635628 net optional openssh-tests_8.2p1-4ubuntu0.11_s390x.deb ab8f714ddcef264d42175aa54f3662d0 19579 net standard openssh_8.2p1-4ubuntu0.11_s390x.buildinfo b03ac7ee828163ed88a0a3740e8d8702 8496 raw-translations - openssh_8.2p1-4ubuntu0.11_s390x_translations.tar.gz f0a8ec9981374057fefc3e0414deb011 12780 debug optional ssh-askpass-gnome-dbgsym_8.2p1-4ubuntu0.11_s390x.ddeb 7c9e8ce1f778c7ff2b442a808f7c19ee 17300 gnome optional ssh-askpass-gnome_8.2p1-4ubuntu0.11_s390x.deb Original-Maintainer: Debian OpenSSH Maintainers