Bug#848714: openssh: CVE-2016-10009
Source: openssh
Version: 1:7.3p1-5
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for openssh.
CVE-2016-10009[0]:
|ssh-agent(1): load PKCS#11 modules from paths outside a trusted
|whitelist
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2016-10009
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10009
Please adjust the affected versions in the BTS as needed. Note, I'm
opening individual bugs for the four assigned CVEs. The reason is that
is is not yet triaged if the set of common affected versions is the
same for all. This allows us to track the CVEs in BTS.
Regards,
Salvatore
Reply to: