{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "openssh-client", "openssh-server", "openssh-sftp-server" ] } }, "diff": { "deb": [ { "name": "openssh-client", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.5", "version": "1:9.6p1-3ubuntu13.5" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.8", "version": "1:9.6p1-3ubuntu13.8" }, "cves": [ { "cve": "CVE-2025-26465", "url": "https://ubuntu.com/security/CVE-2025-26465", "cve_description": "The OpenSSH client is vulnerable to an active machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (it is disabled by default): when a vulnerable client connects to a server, an active machine-in-the-middle can impersonate the server by completely bypassing the client's checks of the server's identity.", "cve_priority": "medium", "cve_public_date": "2025-02-18" }, { "cve": "CVE-2025-26466", "url": "https://ubuntu.com/security/CVE-2025-26466", "cve_description": "The OpenSSH client and server are vulnerable to a pre-authentication denial-of-service attack: an asymmetric resource consumption of both memory and CPU. This vulnerability was introduced in August 2023 (shortly before OpenSSH 9.5p1) by commit dce6d80 (\"Introduce a transport-level ping facility\").", "cve_priority": "medium", "cve_public_date": "2025-02-18" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-26465", "url": "https://ubuntu.com/security/CVE-2025-26465", "cve_description": "The OpenSSH client is vulnerable to an active machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (it is disabled by default): when a vulnerable client connects to a server, an active machine-in-the-middle can impersonate the server by completely bypassing the client's checks of the server's identity.", "cve_priority": "medium", "cve_public_date": "2025-02-18" }, { "cve": "CVE-2025-26466", "url": "https://ubuntu.com/security/CVE-2025-26466", "cve_description": "The OpenSSH client and server are vulnerable to a pre-authentication denial-of-service attack: an asymmetric resource consumption of both memory and CPU. This vulnerability was introduced in August 2023 (shortly before OpenSSH 9.5p1) by commit dce6d80 (\"Introduce a transport-level ping facility\").", "cve_priority": "medium", "cve_public_date": "2025-02-18" } ], "log": [ "", " * SECURITY UPDATE: MitM with VerifyHostKeyDNS option", " - debian/patches/CVE-2025-26465.patch: fix error code handling in", " krl.c, ssh-agent.c, ssh-sk-client.c, sshconnect2.c, sshsig.c.", " - CVE-2025-26465", " * SECURITY UPDATE: pre-authentication denial of service", " - debian/patches/CVE-2025-26466.patch: don't reply to PING in preauth", " or in KEX in packet.c.", " - CVE-2025-26466", " * NOTE: this package does _not_ contain the changes from", " (1:9.6p1-3ubuntu13.7) in noble-proposed.", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 11 Feb 2025 08:41:04 -0500" } ], "notes": null }, { "name": "openssh-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.5", "version": "1:9.6p1-3ubuntu13.5" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.8", "version": "1:9.6p1-3ubuntu13.8" }, "cves": [ { "cve": "CVE-2025-26465", "url": "https://ubuntu.com/security/CVE-2025-26465", "cve_description": "The OpenSSH client is vulnerable to an active machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (it is disabled by default): when a vulnerable client connects to a server, an active machine-in-the-middle can impersonate the server by completely bypassing the client's checks of the server's identity.", "cve_priority": "medium", "cve_public_date": "2025-02-18" }, { "cve": "CVE-2025-26466", "url": "https://ubuntu.com/security/CVE-2025-26466", "cve_description": "The OpenSSH client and server are vulnerable to a pre-authentication denial-of-service attack: an asymmetric resource consumption of both memory and CPU. This vulnerability was introduced in August 2023 (shortly before OpenSSH 9.5p1) by commit dce6d80 (\"Introduce a transport-level ping facility\").", "cve_priority": "medium", "cve_public_date": "2025-02-18" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-26465", "url": "https://ubuntu.com/security/CVE-2025-26465", "cve_description": "The OpenSSH client is vulnerable to an active machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (it is disabled by default): when a vulnerable client connects to a server, an active machine-in-the-middle can impersonate the server by completely bypassing the client's checks of the server's identity.", "cve_priority": "medium", "cve_public_date": "2025-02-18" }, { "cve": "CVE-2025-26466", "url": "https://ubuntu.com/security/CVE-2025-26466", "cve_description": "The OpenSSH client and server are vulnerable to a pre-authentication denial-of-service attack: an asymmetric resource consumption of both memory and CPU. This vulnerability was introduced in August 2023 (shortly before OpenSSH 9.5p1) by commit dce6d80 (\"Introduce a transport-level ping facility\").", "cve_priority": "medium", "cve_public_date": "2025-02-18" } ], "log": [ "", " * SECURITY UPDATE: MitM with VerifyHostKeyDNS option", " - debian/patches/CVE-2025-26465.patch: fix error code handling in", " krl.c, ssh-agent.c, ssh-sk-client.c, sshconnect2.c, sshsig.c.", " - CVE-2025-26465", " * SECURITY UPDATE: pre-authentication denial of service", " - debian/patches/CVE-2025-26466.patch: don't reply to PING in preauth", " or in KEX in packet.c.", " - CVE-2025-26466", " * NOTE: this package does _not_ contain the changes from", " (1:9.6p1-3ubuntu13.7) in noble-proposed.", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 11 Feb 2025 08:41:04 -0500" } ], "notes": null }, { "name": "openssh-sftp-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.5", "version": "1:9.6p1-3ubuntu13.5" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.8", "version": "1:9.6p1-3ubuntu13.8" }, "cves": [ { "cve": "CVE-2025-26465", "url": "https://ubuntu.com/security/CVE-2025-26465", "cve_description": "The OpenSSH client is vulnerable to an active machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (it is disabled by default): when a vulnerable client connects to a server, an active machine-in-the-middle can impersonate the server by completely bypassing the client's checks of the server's identity.", "cve_priority": "medium", "cve_public_date": "2025-02-18" }, { "cve": "CVE-2025-26466", "url": "https://ubuntu.com/security/CVE-2025-26466", "cve_description": "The OpenSSH client and server are vulnerable to a pre-authentication denial-of-service attack: an asymmetric resource consumption of both memory and CPU. This vulnerability was introduced in August 2023 (shortly before OpenSSH 9.5p1) by commit dce6d80 (\"Introduce a transport-level ping facility\").", "cve_priority": "medium", "cve_public_date": "2025-02-18" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-26465", "url": "https://ubuntu.com/security/CVE-2025-26465", "cve_description": "The OpenSSH client is vulnerable to an active machine-in-the-middle attack if the VerifyHostKeyDNS option is enabled (it is disabled by default): when a vulnerable client connects to a server, an active machine-in-the-middle can impersonate the server by completely bypassing the client's checks of the server's identity.", "cve_priority": "medium", "cve_public_date": "2025-02-18" }, { "cve": "CVE-2025-26466", "url": "https://ubuntu.com/security/CVE-2025-26466", "cve_description": "The OpenSSH client and server are vulnerable to a pre-authentication denial-of-service attack: an asymmetric resource consumption of both memory and CPU. This vulnerability was introduced in August 2023 (shortly before OpenSSH 9.5p1) by commit dce6d80 (\"Introduce a transport-level ping facility\").", "cve_priority": "medium", "cve_public_date": "2025-02-18" } ], "log": [ "", " * SECURITY UPDATE: MitM with VerifyHostKeyDNS option", " - debian/patches/CVE-2025-26465.patch: fix error code handling in", " krl.c, ssh-agent.c, ssh-sk-client.c, sshconnect2.c, sshsig.c.", " - CVE-2025-26465", " * SECURITY UPDATE: pre-authentication denial of service", " - debian/patches/CVE-2025-26466.patch: don't reply to PING in preauth", " or in KEX in packet.c.", " - CVE-2025-26466", " * NOTE: this package does _not_ contain the changes from", " (1:9.6p1-3ubuntu13.7) in noble-proposed.", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Marc Deslauriers ", "date": "Tue, 11 Feb 2025 08:41:04 -0500" } ], "notes": null } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 24.04 noble image from daily image serial 20250214 to 20250219", "from_series": "noble", "to_series": "noble", "from_serial": "20250214", "to_serial": "20250219", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }