Date: Mon, 05 Jun 2023 12:28:58 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 271839] crypto/openssh: Status of CVE-2023-28531 Message-ID: <bug-271839-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D271839 Bug ID: 271839 Summary: crypto/openssh: Status of CVE-2023-28531 Product: Base System Version: 12.4-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: pascal.bryner@hostpoint.ch Since 03/17/2023 a critical vulnerability in openssh 8.9 up to 9.2 has been reported: https://www.openwall.com/lists/oss-security/2023/03/15/8 OpenSSH versions prior to 9.3 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). How is the status of this security-flaw? According to https://nvd.nist.gov/vuln/detail/CVE-2023-28531 it has been ra= ted as 9.8/critical --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-271839-227>