2023-9 openssh ssh-agent path issue

(also fix publish dates on previous)

latest-id.txt

@@ -1 +1 @@
-2023-8
+2023-9

vulns/midnightbsd/MNBSD-2023-7.yaml

@@ -19,5 +19,5 @@ references:
     url: https://nvd.nist.gov/vuln/detail/CVE-2023-25136
 aliases:
   - CVE-2023-25136
-modified: "2023-08-09T00:00:00.000Z"
-published: "2023-08-09T00:00:00.000Z"
+modified: "2023-12-27T00:00:00.000Z"
+published: "2023-12-27T00:00:00.000Z"

vulns/midnightbsd/MNBSD-2023-8.yaml

@@ -21,5 +21,5 @@ references:
     url: https://nvd.nist.gov/vuln/detail/CVE-2023-28531
 aliases:
   - CVE-2023-28531
-modified: "2023-08-09T00:00:00.000Z"
-published: "2023-08-09T00:00:00.000Z"
+modified: "2023-12-27T00:00:00.000Z"
+published: "2023-12-27T00:00:00.000Z"

vulns/midnightbsd/MNBSD-2023-9.yaml

@@ -0,0 +1,27 @@
+id: MNBSD-2023-9
+summary: OpenSSH ssh-agent insecure search path
+details: The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
+affected:
+  - package:
+      name: openssh
+      ecosystem: MidnightBSD
+    ranges:
+      - type: ECOSYSTEM
+        events:
+          - introduced: 3.1.0
+          - fixed: 3.2.0
+    versions:
+      - 3.1.0
+      - 3.1.1
+      - 3.1.2
+      - 3.1.3
+      - 3.1.4
+references:
+  - type: WEB
+    url: https://nvd.nist.gov/vuln/detail/CVE-2023-38408
+  - type: WEB
+    url: https://nvd.nist.gov/vuln/detail/CVE-2016-10009
+aliases:
+  - CVE-2023-38408
+modified: "2023-12-27T00:00:00.000Z"
+published: "2023-12-27T00:00:00.000Z"