Bugs fixes in "openssh"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2023-28531 | ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is | 2023-12-19 |
| CVE | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integri | 2023-12-19 |
| CVE | CVE-2023-28531 | ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is | 2023-12-19 |
| CVE | CVE-2023-48795 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integri | 2023-12-19 |
| Launchpad | 2031942 | AuthorizedPrincipalsCommand is ignored if AuthorizedKeysCommand is set | 2023-09-14 |
| Launchpad | 2031942 | AuthorizedPrincipalsCommand is ignored if AuthorizedKeysCommand is set | 2023-09-14 |
| Launchpad | 2031942 | AuthorizedPrincipalsCommand is ignored if AuthorizedKeysCommand is set | 2023-09-06 |
| Launchpad | 2031942 | AuthorizedPrincipalsCommand is ignored if AuthorizedKeysCommand is set | 2023-09-06 |
| CVE | CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man | 2023-08-09 |
| Launchpad | 2030275 | Include mitigation for CVE-2020-14145 | 2023-08-09 |
| CVE | CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man | 2023-08-09 |
| Launchpad | 2030275 | Include mitigation for CVE-2020-14145 | 2023-08-09 |
| CVE | CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man | 2023-08-09 |
| Launchpad | 2030275 | Include mitigation for CVE-2020-14145 | 2023-08-09 |
| CVE | CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man | 2023-08-09 |
| Launchpad | 2030275 | Include mitigation for CVE-2020-14145 | 2023-08-09 |
| CVE | CVE-2023-38408 | The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent | 2023-07-25 |
| CVE | CVE-2023-38408 | The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent | 2023-07-24 |
| CVE | CVE-2023-38408 | The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent | 2023-07-24 |
| CVE | CVE-2023-38408 | The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent | 2023-07-24 |
About
-
Send Feedback to @ubuntu_updates
