Format: 1.8 Date: Mon, 18 Dec 2023 11:28:16 -0500 Source: openssh Binary: openssh-client openssh-server openssh-sftp-server openssh-tests ssh ssh-askpass-gnome Built-For-Profiles: noudeb Architecture: amd64 amd64_translations all Version: 1:8.9p1-3ubuntu0.5 Distribution: jammy Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: openssh-client - secure shell (SSH) client, for secure access to remote machines openssh-server - secure shell (SSH) server, for secure access from remote machines openssh-sftp-server - secure shell (SSH) sftp server module, for SFTP access from remot openssh-tests - OpenSSH regression tests ssh - secure shell client and server (metapackage) ssh-askpass-gnome - interactive X program to prompt users for a passphrase for ssh-ad Changes: openssh (1:8.9p1-3ubuntu0.5) jammy-security; urgency=medium . * SECURITY UPDATE: Prefix truncation attack on BPP - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in PROTOCOL, kex.c, kex.h, packet.c, sshconnect2.c, sshd.c. - CVE-2023-48795 * SECURITY UPDATE: smartcard constraints not added to agent - debian/patches/CVE-2023-28531.patch: include destination constraints for smartcard keys too in authfd.c. - CVE-2023-28531 Checksums-Sha1: 68c2c9ce074109841b576e8f27d5e5a7ce43b3e6 3010152 openssh-client-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 77cbc86279eff4fac3f9cf144bcf434818273578 905810 openssh-client_8.9p1-3ubuntu0.5_amd64.deb 8fb8511eaf3143a86b326396e668c8a3676e3620 964784 openssh-server-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 97f2f806d5150273396259d81908f92f553d9203 435334 openssh-server_8.9p1-3ubuntu0.5_amd64.deb 6ecff14b73d4387f8d7786e2821e425c2de10cca 109716 openssh-sftp-server-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 542ed4f00fbfc71e2d77d03bb350ace28c0cfef7 38714 openssh-sftp-server_8.9p1-3ubuntu0.5_amd64.deb 192a850292aef85e0ceb91fd0e7acb81f121c249 1534316 openssh-tests-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 2cc92a0a5108c74cc4dccb3c2ce0bfc12da68ce9 1419474 openssh-tests_8.9p1-3ubuntu0.5_amd64.deb b17396651316897ef80bca426ffec370acceb7a9 19164 openssh_8.9p1-3ubuntu0.5_amd64.buildinfo 9e2d790cd9c5c7884aa6574a010efef66b2fddeb 8503 openssh_8.9p1-3ubuntu0.5_amd64_translations.tar.gz 9a112d2a3db475768394b0e624fde1c20f349b51 17236 ssh-askpass-gnome-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb f856884cd71aaf3b124ba967ef370280cb859df5 17994 ssh-askpass-gnome_8.9p1-3ubuntu0.5_amd64.deb 81433e2520dca688f7e07afdde1fe77978143670 4842 ssh_8.9p1-3ubuntu0.5_all.deb Checksums-Sha256: 1af78fa1dcf837d20609e5caacc84ce08a277ee88b82de9a04b9098da8ca383e 3010152 openssh-client-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 7bcaa14d8f9007fc207c0929c1fbae61e31a29439200aabf0fe3a5ba20aa3034 905810 openssh-client_8.9p1-3ubuntu0.5_amd64.deb 500f6e0ff53e7148a6caf08227607ea441e90c6deb463ffe841e18c2c1b64555 964784 openssh-server-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 802d3e264c3aa44e67ac92c876a523b495ba940678f4f373b557f806dfb1dba0 435334 openssh-server_8.9p1-3ubuntu0.5_amd64.deb 80b7c4869f1e176bccdf8bef6876c786a8698eac88d7866284fa3202655d17ae 109716 openssh-sftp-server-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 535757a72e48daee0890fa7e512d1cad9bc6928095af079dad523e6b8f9c5b8a 38714 openssh-sftp-server_8.9p1-3ubuntu0.5_amd64.deb 0cf12a877a30342895d8fb4ab8e7fea407a8c76f6f23e917163eb681dcf6c712 1534316 openssh-tests-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb ba14fa7da56b4e91098ce3fb690eb7e6243b09a11196d2fa286fc37dba70f1b7 1419474 openssh-tests_8.9p1-3ubuntu0.5_amd64.deb 996867664f0827ad19780735673e46919c915b50d4be1b8c942dca4430145c10 19164 openssh_8.9p1-3ubuntu0.5_amd64.buildinfo 4ddda3015eb81cc4977391da33b86c59cf8c93ae24e6adf5072a550e45ac5999 8503 openssh_8.9p1-3ubuntu0.5_amd64_translations.tar.gz c143664a54cd6d70cd0a8b96f8abf7ca4314f62152d646eb3f25e63d5afaf21c 17236 ssh-askpass-gnome-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 58d08799e8682a4f610ca9634780288f0a59be2c792b0ec87bd7016b426c9d61 17994 ssh-askpass-gnome_8.9p1-3ubuntu0.5_amd64.deb 4a23d7508c9263a65a97eb4c47ac079556a0b9e55c07dd5002b0b50dd18c4fea 4842 ssh_8.9p1-3ubuntu0.5_all.deb Files: c51c0fcc8f76a13daa13cbea958d8ec4 3010152 debug optional openssh-client-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 93362b0cf6aa1039f0b73af56dd682dc 905810 net standard openssh-client_8.9p1-3ubuntu0.5_amd64.deb f3a426377894d2f2121f41dea74efd34 964784 debug optional openssh-server-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 0765f742c904e2ac033b5d7b77af48e0 435334 net optional openssh-server_8.9p1-3ubuntu0.5_amd64.deb bec71ae378e14a18252e877fdf0acc81 109716 debug optional openssh-sftp-server-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 84915d4205d06aed4f45ec8b8c0f4325 38714 net optional openssh-sftp-server_8.9p1-3ubuntu0.5_amd64.deb 25f850689f9ff0c0ce96464a48e16af2 1534316 debug optional openssh-tests-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb 86da8e9be03df026250ab88735bb9919 1419474 net optional openssh-tests_8.9p1-3ubuntu0.5_amd64.deb ceb430e5225eac75117ebaee649c64bd 19164 net standard openssh_8.9p1-3ubuntu0.5_amd64.buildinfo c95d20fe9dece4719189570734e885a9 8503 raw-translations - openssh_8.9p1-3ubuntu0.5_amd64_translations.tar.gz c7e3913c3372d37f5d0f80148bd4565f 17236 debug optional ssh-askpass-gnome-dbgsym_8.9p1-3ubuntu0.5_amd64.ddeb f3cc9a9ca04eda562bd0a3abeaec4b35 17994 gnome optional ssh-askpass-gnome_8.9p1-3ubuntu0.5_amd64.deb 6c34dab57420e48558a1e94764c8ca72 4842 net optional ssh_8.9p1-3ubuntu0.5_all.deb Original-Maintainer: Debian OpenSSH Maintainers