SUSE-SU-2018:3162-1

Опубликовано: 16 окт. 2018

Источник: suse-cvrf

Описание

Security update for libssh

This update for libssh fixes the following issues:

CVE-2018-10933: Fixed a server mode authentication bypass (bsc#1108020).

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15

libssh-devel-0.7.5-6.3.1

libssh4-0.7.5-6.3.1

libssh4-32bit-0.7.5-6.3.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20183162-1/
Link for SUSE-SU-2018:3162-1
https://lists.suse.com/pipermail/sle-security-updates/2018-October/004676.html
E-Mail link for SUSE-SU-2018:3162-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1108020
SUSE Bug 1108020
https://www.suse.com/security/cve/CVE-2018-10933/
SUSE CVE CVE-2018-10933 page

Описание

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15:libssh-devel-0.7.5-6.3.1

SUSE Linux Enterprise Module for Basesystem 15:libssh4-0.7.5-6.3.1

SUSE Linux Enterprise Module for Basesystem 15:libssh4-32bit-0.7.5-6.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-10933.html
CVE-2018-10933
https://bugzilla.suse.com/1108020
SUSE Bug 1108020
https://bugzilla.suse.com/1122198
SUSE Bug 1122198

SUSE-SU-2018:3162-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15

Ссылки

Уязвимость: CVE-2018-10933

Описание

Затронутые продукты

Ссылки