* https://threatprotect.qualys.com/2023/12/26/ssh-proxycommand-unexpected-code-execution-vulnerability-cve-2023-51385/ * https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce.html Per the second link, this affects libssh too. """ Using the ProxyCommand or the ProxyJump feature enables users to exploit unchecked hostname syntax on the client, which enables to inject malicious code into the command of the above-mentioned features through the hostname parameter. User interaction is required to exploit this issue. """
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=b5fd84fed4c7e7ddb236f13fb5044cc546ce7c6c commit b5fd84fed4c7e7ddb236f13fb5044cc546ce7c6c Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-12-28 02:21:11 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-12-28 02:22:08 +0000 [ GLSA 202312-16 ] libssh: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/920291 Bug: https://bugs.gentoo.org/920724 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202312-16.xml | 44 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e1565810cb6fde75c0271f52eaf08f28d1548b66 commit e1565810cb6fde75c0271f52eaf08f28d1548b66 Author: Andreas Sturmlechner <asturm@gentoo.org> AuthorDate: 2024-01-03 22:28:41 +0000 Commit: Andreas Sturmlechner <asturm@gentoo.org> CommitDate: 2024-01-03 23:00:47 +0000 net-libs/libssh: Cleanup vulnerable 0.10.5 Bug: https://bugs.gentoo.org/920291 Bug: https://bugs.gentoo.org/920724 Signed-off-by: Andreas Sturmlechner <asturm@gentoo.org> net-libs/libssh/Manifest | 1 - net-libs/libssh/libssh-0.10.5.ebuild | 135 ----------------------------------- 2 files changed, 136 deletions(-)
Cleanup done, kde proj out.
