4 matches found
CLSA-2026-1779694887 rsync: Fix of CVE-2026-29518
CVE-2026-29518: fix daemon-no-chroot TOCTOU symlink race by tracking per-module chroot in amchrooted, routing sender read-path, receiver basis-file open, mkstemp, and inplace write through securerelativeopen / securemkstemp...
CLSA-2026-1779694727 Fix CVE(s): CVE-2026-29518
SECURITY UPDATE: daemon-no-chroot TOCTOU symlink race - debian/patches/CVE-2026-29518.patch: track per-module chroot in amchrooted and usesecuresymlinks; route the sender's read-path open, the receiver's basis-file open, mkstemp, and inplace write through securerelativeopen / securemkstemp -...
CLSA-2023-1691606742 openssh: Fix of CVE-2023-38408
CVE-2023-38408: checks libraries before dlopen and separate ssh-pkcs11-helpers for each p11 module...
CLSA-2023-1691576488 Fix CVE(s): CVE-2023-38408
SECURITY UPDATE: helper programs can dlopen/dlclose any libraries from /usr/lib - debian/patches/CVE-2023-38408-Ensure-FIDO-PKCS11-libraries-contain-expect.patch: checks libraries before dlopen - debian/patches/CVE-2023-38408-Separate-ssh-pkcs11-helpers-for-each-p11-mo.patch: separate...