-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 20 Apr 2025 08:09:59 +0300
Source: erlang
Architecture: source
Version: 1:25.2.3+dfsg-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: Debian Erlang Packagers <pkg-erlang-devel@lists.alioth.debian.org>
Changed-By: Sergei Golovan <sgolovan@debian.org>
Closes: 1059002 1101713 1103442
Changes:
 erlang (1:25.2.3+dfsg-1+deb12u1) bookworm-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * ssh: implement strict KEX (CVE-2023-48795) (Closes: #1059002)
   * ssh: reject SFTP packets exceeding max allowed size (CVE-2025-26618)
   * ssh: fix denial of service due to erroneous processing of large KEX
     init packages (CVE-2025-30211) (Closes: #1101713):
     - reduce log processing for plain connections
     - ignore too long algorithm names
     - limit the length of error messages in reply to invalid packets
     - add the custom_kexinit test to test large KEX init packages processing
   * ssh: fix remote code execution (RCE) by an unauthenticated user
     (CVE-2025-32433) (Closes: #1103442)
 .
   [ Sergei Golovan ]
   * Cleanup the patches.
Checksums-Sha1:
 90a5a31d9744583449ae4238ac9b7543e4b7ad6e 5041 erlang_25.2.3+dfsg-1+deb12u1.dsc
 17f9b115cb539f2f3688a207388a3eae67d8481b 48013400 erlang_25.2.3+dfsg.orig.tar.xz
 c66ea3d3dd04806550563cd71c0fc09023b69179 72708 erlang_25.2.3+dfsg-1+deb12u1.debian.tar.xz
 a50a25697b3faefd9c49975907c80afec7b686f9 31737 erlang_25.2.3+dfsg-1+deb12u1_amd64.buildinfo
Checksums-Sha256:
 ad8562aaaee6d692d604132832fbb51feeeb6e176f0445ca201486318361b0b8 5041 erlang_25.2.3+dfsg-1+deb12u1.dsc
 65c77675af31235d19ee7888fb2a9d858759b1089ba33126344697be7600d271 48013400 erlang_25.2.3+dfsg.orig.tar.xz
 02643fa322797fca559b1bc6aa938ea44810fc372a5fc504759d15f6ddbd51fa 72708 erlang_25.2.3+dfsg-1+deb12u1.debian.tar.xz
 116de48e1bff1d3cb4bf76009d4d2a9f4b9634bf75abf14fdb557a621c2a0e9b 31737 erlang_25.2.3+dfsg-1+deb12u1_amd64.buildinfo
Files:
 173a1cf30758b022aadc9c1552e8cc53 5041 interpreters optional erlang_25.2.3+dfsg-1+deb12u1.dsc
 68f00d5a9b77d45d45be87ab98fa1d15 48013400 interpreters optional erlang_25.2.3+dfsg.orig.tar.xz
 29e39401ffd156185a53107b881e91cd 72708 interpreters optional erlang_25.2.3+dfsg-1+deb12u1.debian.tar.xz
 7c4670053fe6f82c46d132f06156be73 31737 interpreters optional erlang_25.2.3+dfsg-1+deb12u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----