Format: 1.8
Date: Sun, 20 Apr 2025 08:09:59 +0300
Source: erlang
Binary: erlang erlang-doc erlang-examples erlang-jinterface erlang-manpages erlang-mode erlang-nox erlang-src erlang-x11
Architecture: all
Version: 1:25.2.3+dfsg-1+deb12u1
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03)
Changed-By: Sergei Golovan
Description:
 erlang - Concurrent, real-time, distributed functional language
 erlang-doc - Erlang/OTP HTML/PDF documentation
 erlang-examples - Erlang/OTP application examples
 erlang-jinterface - Java communication tool to Erlang
 erlang-manpages - Erlang/OTP manual pages
 erlang-mode - Erlang major editing mode for Emacs
 erlang-nox - Erlang/OTP applications that don't require X Window System
 erlang-src - Erlang/OTP applications sources
 erlang-x11 - Erlang/OTP applications that require X Window System
Closes: 1059002 1101713 1103442
Changes:
 erlang (1:25.2.3+dfsg-1+deb12u1) bookworm-security; urgency=high
 .
   [ Salvatore Bonaccorso ]
   * ssh: implement strict KEX (CVE-2023-48795) (Closes: #1059002)
   * ssh: reject SFTP packets exceeding max allowed size (CVE-2025-26618)
   * ssh: fix denial of service due to erroneous processing of large KEX init packages (CVE-2025-30211) (Closes: #1101713):
     - reduce log processing for plain connections
     - ignore too long algorithm names
     - limit the length of error messages in reply to invalid packets
     - add the custom_kexinit test to test large KEX init packages processing
   * ssh: fix remote code execution (RCE) by an unauthenticated user (CVE-2025-32433) (Closes: #1103442)
 .
   [ Sergei Golovan ]
   * Cleanup the patches.