Описание
ELSA-2015-2140: libssh2 security and bug fix update (LOW)
[1.4.3-10]
- check length of data extracted from the SSH_MSG_KEXINIT packet (CVE-2015-1782)
[1.4.3-9]
- curl consumes too much memory during scp download (#1080459)
- prevent a not-connected agent from closing STDIN (#1147717)
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
libssh2
1.4.3-10.el7
libssh2-devel
1.4.3-10.el7
libssh2-docs
1.4.3-10.el7
Связанные CVE
Связанные уязвимости
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.
The kex_agree_methods function in libssh2 before 1.5.0 allows remote s ...
