exploitDog

ELSA-2016-0428

Published: 10 Mar 2016
Source: oracle-oval
Platform: Oracle Linux 6
Platform: Oracle Linux 7

Description

ELSA-2016-0428: libssh2 security update (MODERATE)

[1.4.2-2.el6_7.1]

  • use secrets of the appropriate length in Diffie-Hellman (CVE-2016-0787)

[1.4.2-2]

  • fix basic functionality of libssh2 in FIPS mode (#968575)

Updated packages

Oracle Linux 6

Oracle Linux x86_64

libssh2

1.4.2-2.el6_7.1

libssh2-devel

1.4.2-2.el6_7.1

libssh2-docs

1.4.2-2.el6_7.1

Oracle Linux i686

libssh2

1.4.2-2.el6_7.1

libssh2-devel

1.4.2-2.el6_7.1

libssh2-docs

1.4.2-2.el6_7.1

Oracle Linux sparc64

libssh2

1.4.2-2.el6_7.1

libssh2-devel

1.4.2-2.el6_7.1

libssh2-docs

1.4.2-2.el6_7.1

Oracle Linux 7

Oracle Linux aarch64

libssh2

1.4.3-10.el7_2.1

libssh2-devel

1.4.3-10.el7_2.1

libssh2-docs

1.4.3-10.el7_2.1

Oracle Linux x86_64

libssh2

1.4.3-10.el7_2.1

libssh2-devel

1.4.3-10.el7_2.1

libssh2-docs

1.4.3-10.el7_2.1

Related CVEs

Related vulnerabilities

CVSS3: 5.9
ubuntu
more than 9 years ago

The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

redhat
more than 9 years ago

The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

CVSS3: 5.9
nvd
more than 9 years ago

The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

CVSS3: 5.9
debian
more than 9 years ago

The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 im ...

suse-cvrf
more than 9 years ago

Security update for libssh2_org