[CLSA-2023:1691576488] Fix CVE(s): CVE-2023-38408

Type:

security

Severity:

Critical

Release date:

2023-08-09 10:21:32 UTC

Description:

   * SECURITY UPDATE: helper programs can dlopen()/dlclose() any libraries
     from /usr/lib
     - debian/patches/CVE-2023-38408-Ensure-FIDO-PKCS11-libraries-contain-expect.patch:
       checks libraries before dlopen
     - debian/patches/CVE-2023-38408-Separate-ssh-pkcs11-helpers-for-each-p11-mo.patch:
       separate ssh-pkcs11-helpers for each p11 module
     - CVE-2023-38408

Updated packages:

openssh-client_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:e3c5d802ec59b2c56e2fe0b83c3020a124daf1e3
openssh-server_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:fc98f2c3efad8ccb6f0bcbb9fd72b033cb53db83
openssh-sftp-server_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:2e8e4a2c12df6f1a7d8fe275748a46c79f7e9a8c
ssh_7.6p1-4ubuntu0.7+tuxcare.els2_all.deb
sha:d7bed506d657d06ea6e5eebc3e0238eeb49b0413
ssh-askpass-gnome_7.6p1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:5e1ab8802deb47c7158699c9d0254521717ad643

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.