Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker
Commits:
60062332 by Tobias Frost at 2023-05-21T15:56:01+02:00
CVE-2023-2283/libssh [buster] vulnerable code introduced later.

Vulnerability is in function pki_verify_data_signature and explained in [1]

Commit that introduces vulnerable function:
https://git.libssh.org/projects/libssh.git/commit/?id=fd94465
Commit that starts using the function:
https://git.libssh.org/projects/libssh.git/commit/?id=db51fa1

git tag --contains fd94465 shows that this commit is not part of any release earlier than 0.9.0.

The implementation present in buster, 0.8.7, does not have the refactoring and errors out correctly with return SSH_ERROR in the verify function pki_signature_verify that will in a later version call the vulnerable pki_verify_data_signature().

[1] https://www.libssh.org/security/advisories/CVE-2023-2283.txt

- - - - -

1 changed file:

- data/CVE/list

Changes:

=====================================
data/CVE/list
=====================================
@@ -1653,9 +1653,11 @@ CVE-2023-31207 (Transmission of credentials within query parameters in Checkmk < CVE-2023-2283 [Authorization bypass in pki_verify_data_signature] RESERVED - libssh 0.10.5-1 (bug #1035832) + [buster] - libssh <not-affected> (Vulnerable code introduced later) NOTE: https://www.libssh.org/security/advisories/CVE-2023-2283.txt NOTE: https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=e8dfbb85a28514e1f869dac3000c6cec6cb8d08d (libssh-0.10.5) NOTE: https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=c68a58575b6d0520e342cb3d3796a8fecd66405d (libssh-0.10.5) + NOTE: Commit https://git.libssh.org/projects/libssh.git/commit/?id=fd94465 introduces vulnerable function (libssh-0.9.0) CVE-2023-2282 (Improper access control in the Web Login listener in Devolutions Remot ...) NOT-FOR-US: Devolutions CVE-2023-2281 (When archiving a team, Mattermost fails to sanitize the related Websoc ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60062332c17f97333c483413f0240c2aa2b88e61 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/60062332c17f97333c483413f0240c2aa2b88e61 You're receiving this email because of your account on salsa.debian.org.
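Review bot: the added NOTE records only fd94465 (the commit introducing pki_verify_data_signature, libssh-0.9.0), but the [buster] <not-affected> mark in the line above actually rests on the second commit named in the commit message, db51fa1, where pki_signature_verify starts calling that function; 0.8.7 is unaffected because it lacks that call path and still returns SSH_ERROR, not only because the function is absent. Consider adding a second NOTE line, e.g. `NOTE: Commit https://git.libssh.org/projects/libssh.git/commit/?id=db51fa1 makes pki_signature_verify call it`, so the not-affected reasoning is self-contained in data/CVE/list and can be re-checked later without consulting the commit message.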