Hi Salvatore, On Tue, Dec 19, 2023 at 11:24 AM Salvatore Bonaccorso <car...@debian.org> wrote: > > Source: erlang > Version: 1:25.2.3+dfsg-1 > Severity: important > Tags: security upstream > X-Debbugs-Cc: car...@debian.org, Debian Security Team > <t...@security.debian.org> > > Hi, > > The following vulnerability was published for erlang. > > CVE-2023-48795[0]:
Reading the latest announcement on the Erlang mailing list I've found that there is an update of ssh in Erlang 25 which addresses CVE-2023-48795: https://erlang.org/pipermail/erlang-announce/2023-December/000260.html I will try to backport these changes to Erlang currently in stable if it's necessary. As for the unstable, the newest version will fix this as well. Cheers! -- Sergei Golovan