<html>

    <head>

      <base href="https://bugzilla.rosalinux.ru/">

    </head>

    <body><span class="vcard"><a class="email" href="mailto:s.matveev&#64;rosalinux.ru" title="Svyatoslav Matveev &lt;s.matveev&#64;rosalinux.ru&gt;"> <span class="fn">Svyatoslav Matveev</span></a>

</span> changed

          <a class="bz_bug_link 

          bz_status_RESOLVED  bz_closed"

   title="RESOLVED FIXED - [CVE 21] OpenSSH 9.5 CVEs found"

   href="https://bugzilla.rosalinux.ru/show_bug.cgi?id=14311">bug 14311</a>

          <br>

             <table border="1" cellspacing="0" cellpadding="8">

          <tr>

            <th>What</th>

            <th>Removed</th>

            <th>Added</th>

          </tr>

         <tr>

           <td style="text-align:right;">Priority</td>

           <td>Normal

           </td>

           <td>High

           </td>

         </tr>

         <tr>

           <td style="text-align:right;">Status</td>

           <td>CONFIRMED

           </td>

           <td>RESOLVED

           </td>

         </tr>

         <tr>

           <td style="text-align:right;">CC</td>

           <td>

               &nbsp;

           </td>

           <td>s.matveev&#64;rosalinux.ru

           </td>

         </tr>

         <tr>

           <td style="text-align:right;">Resolution</td>

           <td>---

           </td>

           <td>FIXED

           </td>

         </tr>

         <tr>

           <td style="text-align:right;">Target Milestone</td>

           <td>---

           </td>

           <td>2021.1 Fresh R12

           </td>

         </tr>

         <tr>

           <td style="text-align:right;">Flags</td>

           <td>

               &nbsp;

           </td>

           <td>qa_verified?

           </td>

         </tr></table>

      <p>

        <div>

            <b><a class="bz_bug_link 

          bz_status_RESOLVED  bz_closed"

   title="RESOLVED FIXED - [CVE 21] OpenSSH 9.5 CVEs found"

   href="https://bugzilla.rosalinux.ru/show_bug.cgi?id=14311#c2">Comment # 2</a>

              on <a class="bz_bug_link 

          bz_status_RESOLVED  bz_closed"

   title="RESOLVED FIXED - [CVE 21] OpenSSH 9.5 CVEs found"

   href="https://bugzilla.rosalinux.ru/show_bug.cgi?id=14311">bug 14311</a>

              from <span class="vcard"><a class="email" href="mailto:s.matveev&#64;rosalinux.ru" title="Svyatoslav Matveev &lt;s.matveev&#64;rosalinux.ru&gt;"> <span class="fn">Svyatoslav Matveev</span></a>

</span></b>

        <pre>(In reply to Vladimir Potapov from <a href="show_bug.cgi?id=14311#c1">comment #1</a>)

<span class="quote">&gt; Хай пока никто не исправил, ни дебиан

&gt; <a href="https://security-tracker.debian.org/tracker/CVE-2023-51767">https://security-tracker.debian.org/tracker/CVE-2023-51767</a>

&gt; ни редхат

&gt; <a href="https://bugzilla.mindrot.org/show_bug.cgi?id=3656">https://bugzilla.mindrot.org/show_bug.cgi?id=3656</a>

&gt; В редхате вообще считают возможность эксплойта нереальной.</span >

********** QA ADVISORY **********

CVE-2023-51767 еще не исправлен.

Остальные уязвимости закрыты обновлением.

*** openssh

**  9.5p1 .. 9.6p1

<a href="https://abf.io/build_lists/4995133">https://abf.io/build_lists/4995133</a>

<a href="https://abf.io/build_lists/4995134">https://abf.io/build_lists/4995134</a>

<a href="https://abf.io/build_lists/4995135">https://abf.io/build_lists/4995135</a>

<a href="https://abf.io/build_lists/4995137">https://abf.io/build_lists/4995137</a>

<a href="https://abf.io/build_lists/4995155">https://abf.io/build_lists/4995155</a></pre>

        </div>

      </p>

      <hr>

      <span>You are receiving this mail because:</span>

      <ul>

          <li>You are the QA Contact for the bug.</li>

          <li>You are the assignee for the bug.</li>

      </ul>

    </body>

</html>