Bug#1052150: bullseye-pu: package openssh/1:8.4p1-5+deb11u2
Control: tags -1 confirmed
On Mon, 2023-09-18 at 09:03 +0100, Colin Watson wrote:
> https://bugs.debian.org/1042460 is a security issue affecting
> bullseye.
> The security team doesn't think it warrants a DSA, but thinks it's
> worth
> fixing in a point release. I agree.
>
> [ Impact ]
> Forwarding an SSH agent to a remote system may be exploitable by
> administrators of that remote system in complicated conditions. See
> https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt.
>
Please go ahead.
Regards,
Adam
Reply to: