Post AXr8ERCfP7Fn02EXbM by djm@cybervillains.com
 (DIR) More posts by djm@cybervillains.com
 (DIR) Post #AXr8ERCfP7Fn02EXbM by djm@cybervillains.com
       2023-07-19T14:32:43Z
       
       1 likes, 4 repeats
       
       We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408). Details at https://openssh.com/releasenotes.html#9.3p2Thanks to the Qualys Security Advisory Team for finding and reporting this bug.
       
 (DIR) Post #AXrQIMCRkP8hoZ9Iki by alanc@fosstodon.org
       2023-07-19T18:29:30Z
       
       0 likes, 1 repeats
       
       @cynicalsecurity @djm it is rather amazing: https://www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt