summaryrefslogtreecommitdiffstats
path: root/debian/changelog
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--debian/changelog20
1 files changed, 20 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 852e8b9..0e30cc0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,23 @@
+openssh (1:7.9p1-10+deb10u3) buster-security; urgency=high
+
+ * Non-maintainer upload.
+
+ [ Salvatore Bonaccorso ]
+ * ssh(1): Fix bad interaction between the ssh_config ConnectTimeout
+ and ConnectionAttempts directives - connection attempts after the
+ first were ignoring the requested timeout (LP: #1798049).
+
+ [ Utkarsh Gupta ]
+ * remote code execution relating to PKCS#11 providers
+ - debian/patches/CVE-2023-38408-1.patch: terminate process if requested
+ to load a PKCS#11 provider that isn't a PKCS#11 provider in
+ ssh-pkcs11.c.
+ - debian/patches/CVE-2023-38408-3.patch: ensure FIDO/PKCS11 libraries
+ contain expected symbols in misc.c, misc.h, ssh-pkcs11.c, ssh-sk.c.
+ - CVE-2023-38408
+
+ -- Utkarsh Gupta <utkarsh@debian.org> Wed, 29 Mar 2023 11:02:23 +0200
+
openssh (1:7.9p1-10+deb10u2) buster; urgency=medium
* Apply upstream patch to deny (non-fatally) ipc in the seccomp sandbox,