Описание
ELSA-2019-1652: libssh2 security update (IMPORTANT)
[1.4.2-3.0.1.el6_10.1]
- [Orabug: 29909723] Added patch CVE-2019-3862. (qing.lin@oracle.com) Added Additional length checks to prevent out-of-bounds (CVE-2019-3862)
[1.4.2-3.el6_10.1]
-
fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863)
-
fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857)
-
fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856)
-
fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855)
-
use secrects of the appropriate length in Diffie-Hellman (CVE-2016-0787)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
libssh2
1.4.2-3.0.1.el6_10.1
libssh2-devel
1.4.2-3.0.1.el6_10.1
libssh2-docs
1.4.2-3.0.1.el6_10.1
Oracle Linux i686
libssh2
1.4.2-3.0.1.el6_10.1
libssh2-devel
1.4.2-3.0.1.el6_10.1
libssh2-docs
1.4.2-3.0.1.el6_10.1
