diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2023-12-30 11:17:04 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2023-12-30 11:17:04 +0100 |
| commit | 1dd37d4c8a36752d89b1c7abf2291986214644e5 (patch) | |
| tree | 96e100767d37a1ba58f75f4dd0b6df9e33e26359 | |
| parent | 644476406dfde6cb218347bca3b80588366b4eca (diff) | |
Add phpseclib tracking for CVE-2023-48795
| -rw-r--r-- | data/CVE/list | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 9a8b73448a..92b4e3d76a 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -2076,6 +2076,9 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun [buster] - libssh2 <not-affected> (ChaCha20-Poly1305 and CBC-EtM support not present) - openssh 1:9.6p1-1 - paramiko <unfixed> (bug #1059006) + - phpseclib 1.0.22-1 + - php-phpseclib 2.0.46-1 + - php-phpseclib3 3.0.35-1 - proftpd-dfsg 1.3.8.b+dfsg-1 (bug #1059144) [bookworm] - proftpd-dfsg <no-dsa> (Minor issue) [bullseye] - proftpd-dfsg <no-dsa> (Minor issue) @@ -2110,6 +2113,8 @@ CVE-2023-48795 (The SSH transport protocol with certain OpenSSH extensions, foun NOTE: OpenSSH: https://www.openwall.com/lists/oss-security/2023/12/18/2 NOTE: OpenSSH (strict key exchange): https://github.com/openssh/openssh-portable/commit/1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5 (V_9_6_P1) NOTE: paramiko: https://github.com/paramiko/paramiko/issues/2337 + NOTE: phpseclib: https://github.com/phpseclib/phpseclib/issues/1972 + NOTE: phpseclib: https://github.com/phpseclib/phpseclib/commit/c8e3ab9317abae80d7f58fd9acd9214b57572b32 (1.0.22, 2.0.46, 3.0.35) NOTE: proftpd: https://github.com/proftpd/proftpd/issues/1760 NOTE: proftpd: https://github.com/proftpd/proftpd/commit/7fba68ebb3ded3047a35aa639e115eba7d585682 (v1.3.9rc2) NOTE: proftpd: https://github.com/proftpd/proftpd/commit/bcec15efe6c53dac40420731013f1cd2fd54123b (v1.3.8b) |