Описание
ELSA-2019-2136: libssh2 security, bug fix, and enhancement update (MODERATE)
[1.8.0-3]
- sanitize public header file (detected by rpmdiff)
[1.8.0-2]
- fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863)
- fix out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862)
- fix out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
- fix zero-byte allocation in SFTP packet processing resulting in out-of-bounds read (CVE-2019-3858)
- fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857)
- fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856)
- fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855)
[1.8.0-1]
- rebase to 1.8.0 (#1592784)
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
libssh2
1.8.0-3.el7
libssh2-devel
1.8.0-3.el7
libssh2-docs
1.8.0-3.el7
Oracle Linux x86_64
libssh2
1.8.0-3.el7
libssh2-devel
1.8.0-3.el7
libssh2-docs
1.8.0-3.el7
