Re: [SECURITY] [DLA 611-1] jsch security update

To: debian-lts@lists.debian.org
Subject: Re: [SECURITY] [DLA 611-1] jsch security update
From: Jarkko Santala <jake@iki.fi>
Date: Mon, 5 Sep 2016 21:09:40 +0300
Message-id: <[🔎] 307487AE-A059-4477-AF88-CA7D9A16204F@iki.fi>
In-reply-to: <1473098865.508417.716385929.1A90A99C@webmail.messagingengine.com>
References: <1473098865.508417.716385929.1A90A99C@webmail.messagingengine.com>

unsubscribe

> On 5.9.2016, at 21:07 , Chris Lamb <lamby@debian.org> wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Package        : jsch
> Version        : 0.1.42-2+deb7u1
> CVE ID         : CVE-2016-5725
> 
> It was discovered that there was a path traversal vulnerability in jsch, a
> pure Java implementation of the SSH2 protocol.
> 
> For Debian 7 "Wheezy", this issue has been fixed in jsch version
> 0.1.42-2+deb7u1.
> 
> We recommend that you upgrade your jsch packages.
> 
> 
> Regards,
> 
> - -- 
>      ,''`.
>     : :'  :     Chris Lamb
>     `. `'`      lamby@debian.org / chris-lamb.co.uk
>       `-
> 
> -----BEGIN PGP SIGNATURE-----
> 
> iQIcBAEBCAAGBQJXzbQ7AAoJEB6VPifUMR5YwuUP/iVTPIRM9GRiINkjxDQ7dw0w
> 85iwaNo2obd442voLOYuDx73fUdeDtM/UQ8JefcK6mw90I6R/2vlgHhr0xNyMUpS
> VjBI2e0fNcV5pGFI9IZEo6Yon8SQ1ccNMoYIa2Ek8eEai569dNZ9H3XW8dGPMVV2
> IGcO/nBQTxRzhhKU+Mbysr9tJLprOTSWZ5u6qwe0STxsDuXiYOHjAYHHw3ZY4KYs
> ll3TUg8s5FGLv38Tj3a6oUFPkoRYP6a9h5c50LtNBOnedOtxyB0huvg/PydTrxvP
> k75mEhNg1bwMd4fF9hOfiy37MF9h2VHNF9DZJkd5mK1OncSbhyhaXQznmNt8z9Zk
> QfdsqjPPqEnJCuzPPW9DhORBz0d9tkcivdAkSyD/KLF1zTHUAXJcU5sjsuxi3l1G
> hqfHyM9mFQzH7qRhP+pFOa0PPQtdoWsDtO2oljv7zYo+SbDxMqBpOK2QX7ZnBkGz
> FLMPGrfhXMKh9l+s93EKAghznq5OSw/OaFhaJeu1N176mrCF/xghjUHJSu6F7uJB
> bcm2O1JZBgzblHpsLY7XH9xHa0gPmSJpoElRc/rsaCAHNhxwBHhv9MaGFh7Vw0D5
> JOZ+whbr+A99BUC5XG1R+z1sj/FPZbbH0d4MQbxSgbPrXrrK2D/ZVTgFQPLEyETL
> 32mlJdwjA8bE3V/74N/c
> =2BTa
> -----END PGP SIGNATURE-----
> 

-- 
Jarkko Santala <jake@iki.fi> +358 40 720 4512

Reply to:

Prev by Date: Re: qemu: CVE-2016-7116
Next by Date: LTS report for August
Previous by thread: LTS Report for August 2016
Next by thread: LTS report for August
Index(es):
- Date
- Thread