UbuntuUpdates.org

Bugs fixes in "openssh"

Origin Bug number Title Date fixed
CVE CVE-2024-39894 OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeyst 2024-07-09
CVE CVE-2024-39894 OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeyst 2024-07-09
CVE CVE-2024-39894 OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeyst 2024-07-09
CVE CVE-2024-39894 OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g., for su and Sudo) because of an ObscureKeyst 2024-07-09
Launchpad 2053146 openssh 8.9p1 for Jammy auth2-gss patch for gssapi-keyex method is slightly wrong 2024-04-17
Launchpad 2053146 openssh 8.9p1 for Jammy auth2-gss patch for gssapi-keyex method is slightly wrong 2024-04-17
Launchpad 2053146 openssh 8.9p1 for Jammy auth2-gss patch for gssapi-keyex method is slightly wrong 2024-04-05
Launchpad 2053146 openssh 8.9p1 for Jammy auth2-gss patch for gssapi-keyex method is slightly wrong 2024-04-05
CVE CVE-2023-51385 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by a 2024-01-03
CVE CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups 2024-01-03
CVE CVE-2023-51385 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by a 2024-01-03
CVE CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups 2024-01-03
CVE CVE-2023-51385 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by a 2024-01-03
CVE CVE-2023-51384 In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during ad 2024-01-03
CVE CVE-2023-51385 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by a 2024-01-03
CVE CVE-2023-51384 In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during ad 2024-01-03
CVE CVE-2023-51385 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by a 2024-01-03
CVE CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups 2024-01-03
CVE CVE-2023-51385 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by a 2024-01-03
CVE CVE-2021-41617 sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups 2024-01-03



About   -   Send Feedback to @ubuntu_updates