Package "openssh"

Name: openssh


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • OpenSSH regression tests
  • interactive X program to prompt users for a passphrase for ssh-add

Latest version: 1:9.0p1-1ubuntu8.4
Release: lunar (23.04)
Level: security
Repository: universe


Other versions of "openssh" in Lunar

Repository Area Version
base main 1:9.0p1-1ubuntu8
base universe 1:9.0p1-1ubuntu8
security main 1:9.0p1-1ubuntu8.4
updates main 1:9.0p1-1ubuntu8.5
updates universe 1:9.0p1-1ubuntu8.5

Packages in group

Deleted packages are displayed in grey.


Version: 1:9.0p1-1ubuntu8.4 2023-07-24 19:07:18 UTC

  openssh (1:9.0p1-1ubuntu8.4) lunar-security; urgency=medium

  * SECURITY UPDATE: remote code execution relating to PKCS#11 providers
    - debian/patches/CVE-2023-38408-1.patch: terminate process if requested
      to load a PKCS#11 provider that isn't a PKCS#11 provider in
    - debian/patches/CVE-2023-38408-2.patch: disallow remote addition of
      FIDO/PKCS11 provider in ssh-agent.1, ssh-agent.c.
    - debian/patches/CVE-2023-38408-3.patch: ensure FIDO/PKCS11 libraries
      contain expected symbols in misc.c, misc.h, ssh-pkcs11.c, ssh-sk.c.
    - CVE-2023-38408

 -- Marc Deslauriers <email address hidden> Wed, 19 Jul 2023 15:40:25 -0400

CVE-2023-38408 The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent

About   -   Send Feedback to @ubuntu_updates