[Bug 3594] New: PKCS11Provider now requires full paths

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Jul 27 21:31:38 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3594

            Bug ID: 3594
           Summary: PKCS11Provider now requires full paths
           Product: Portable OpenSSH
           Version: 9.3p1
          Hardware: Other
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: ssh-agent
          Assignee: unassigned-bugs at mindrot.org
          Reporter: marc.deslauriers at canonical.com

Since the 29ef8a0486 commit for CVE-2023-28408, PKCS11Provider now
requires libraries to be specified using their full path as the new
code just opens the filename directly whereas the dlopen would search
system library paths.

This causes a change in behaviour for users.

(See downstream bug here:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2028774 )

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list