Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2020:0967-1

Опубликовано: 09 апр. 2020
Источник: suse-cvrf

Описание

Security update for libssh

This update for libssh fixes the following issues:

  • CVE-2020-1730: Fixed a possible denial of service when using AES-CTR (bsc#1168699).

Список пакетов

Container bci/bci-init:15.3
libssh4-0.8.7-10.12.1
Container bci/dotnet-aspnet:3.1
libssh4-0.8.7-10.12.1
Container bci/dotnet-aspnet:5.0
libssh4-0.8.7-10.12.1
Container bci/dotnet-aspnet:latest
libssh4-0.8.7-10.12.1
Container bci/dotnet-runtime:3.1
libssh4-0.8.7-10.12.1
Container bci/dotnet-runtime:5.0
libssh4-0.8.7-10.12.1
Container bci/dotnet-runtime:latest
libssh4-0.8.7-10.12.1
Container bci/dotnet-sdk:3.1
libssh4-0.8.7-10.12.1
Container bci/dotnet-sdk:5.0
libssh4-0.8.7-10.12.1
Container bci/dotnet-sdk:latest
libssh4-0.8.7-10.12.1
Container bci/golang:1.16
libssh4-0.8.7-10.12.1
Container bci/golang:1.17
libssh4-0.8.7-10.12.1
Container bci/golang:latest
libssh4-0.8.7-10.12.1
Container bci/node:12
libssh4-0.8.7-10.12.1
Container bci/node:14
libssh4-0.8.7-10.12.1
Container bci/nodejs:latest
libssh4-0.8.7-10.12.1
Container bci/openjdk-devel:11
libssh4-0.8.7-10.12.1
Container bci/openjdk:latest
libssh4-0.8.7-10.12.1
Container bci/python:3
libssh4-0.8.7-10.12.1
Container bci/ruby:latest
libssh4-0.8.7-10.12.1
Container caasp/v4/389-ds:1.4.2
libssh4-0.8.7-10.12.1
Container caasp/v4/busybox:1.34.1
libssh4-0.8.7-10.12.1
Container caasp/v4/caasp-dex:2.16.0
libssh4-0.8.7-10.12.1
Container caasp/v4/cert-exporter:2.3.0
libssh4-0.8.7-10.12.1
Container caasp/v4/cilium-etcd-operator:2.0.5
libssh4-0.8.7-10.12.1
Container caasp/v4/cilium-init:1.5.3
libssh4-0.8.7-10.12.1
Container caasp/v4/cilium-operator:1.6.6
libssh4-0.8.7-10.12.1
Container caasp/v4/cilium:1.6.6
libssh4-0.8.7-10.12.1
Container caasp/v4/cloud-provider-openstack:1.15.0
libssh4-0.8.7-10.12.1
Container caasp/v4/configmap-reload:0.3.0
libssh4-0.8.7-10.12.1
Container caasp/v4/coredns:1.6.7
libssh4-0.8.7-10.12.1
Container caasp/v4/curl:7.60.0
libssh4-0.8.7-10.12.1
Container caasp/v4/etcd:3.4.13
libssh4-0.8.7-10.12.1
Container caasp/v4/gangway:3.1.0
libssh4-0.8.7-10.12.1
Container caasp/v4/grafana:7.5.12
libssh4-0.8.7-10.12.1
Container caasp/v4/helm-tiller:2.16.12
libssh4-0.8.7-10.12.1
Container caasp/v4/hyperkube:v1.17.17
libssh4-0.8.7-10.12.1
Container caasp/v4/k8s-sidecar:0.1.75
libssh4-0.8.7-10.12.1
Container caasp/v4/kube-state-metrics:1.9.3
libssh4-0.8.7-10.12.1
Container caasp/v4/kubernetes-client:1.17.17
libssh4-0.8.7-10.12.1
Container caasp/v4/kucero:1.3.0
libssh4-0.8.7-10.12.1
Container caasp/v4/kured:1.3.0
libssh4-0.8.7-10.12.1
Container caasp/v4/metrics-server:0.3.6
libssh4-0.8.7-10.12.1
Container caasp/v4/prometheus-alertmanager:0.16.2
libssh4-0.8.7-10.12.1
Container caasp/v4/prometheus-node-exporter:1.1.2
libssh4-0.8.7-10.12.1
Container caasp/v4/prometheus-pushgateway:0.6.0
libssh4-0.8.7-10.12.1
Container caasp/v4/prometheus-server:2.7.1
libssh4-0.8.7-10.12.1
Container caasp/v4/rsyslog:8.39.0
libssh4-0.8.7-10.12.1
Container caasp/v4/skuba-tooling:0.1.0
libssh4-0.8.7-10.12.1
Container caasp/v4/test-update:beta
libssh4-0.8.7-10.12.1
Container caasp/v4/velero-plugin-for-aws:1.0.1
libssh4-0.8.7-10.12.1
Container caasp/v4/velero-plugin-for-gcp:1.0.1
libssh4-0.8.7-10.12.1
Container caasp/v4/velero-plugin-for-microsoft-azure:1.0.1
libssh4-0.8.7-10.12.1
Container caasp/v4/velero-restic-restore-helper:1.3.1
libssh4-0.8.7-10.12.1
Container caasp/v4/velero:1.3.1
libssh4-0.8.7-10.12.1
Container ses/6/cephcsi/cephcsi:latest
libssh4-0.8.7-10.12.1
Container ses/6/rook/ceph:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/ceph/grafana:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/ceph/haproxy:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/ceph/keepalived:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/ceph/prometheus-alertmanager:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/ceph/prometheus-node-exporter:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/ceph/prometheus-server:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/ceph/prometheus-snmp_notifier:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/cephcsi/cephcsi:latest
libssh4-0.8.7-10.12.1
Container ses/7.1/cephcsi/csi-attacher:v4.1.0
libssh4-0.8.7-10.12.1
Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0
libssh4-0.8.7-10.12.1
Container ses/7.1/cephcsi/csi-provisioner:v3.4.0
libssh4-0.8.7-10.12.1
Container ses/7.1/cephcsi/csi-resizer:v1.7.0
libssh4-0.8.7-10.12.1
Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1
libssh4-0.8.7-10.12.1
Container ses/7.1/rook/ceph:latest
libssh4-0.8.7-10.12.1
Container ses/7/ceph/ceph:latest
libssh4-0.8.7-10.12.1
Container ses/7/ceph/grafana:latest
libssh4-0.8.7-10.12.1
Container ses/7/ceph/prometheus-alertmanager:latest
libssh4-0.8.7-10.12.1
Container ses/7/ceph/prometheus-node-exporter:latest
libssh4-0.8.7-10.12.1
Container ses/7/ceph/prometheus-server:latest
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/cephcsi:latest
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-attacher:v2.1.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-attacher:v3.3.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-livenessprobe:v1.1.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-node-driver-registrar:v1.2.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-node-driver-registrar:v2.3.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-provisioner:v1.6.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-provisioner:v3.0.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-resizer:v0.4.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-resizer:v1.3.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-snapshotter:v2.1.0
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-snapshotter:v2.1.1
libssh4-0.8.7-10.12.1
Container ses/7/cephcsi/csi-snapshotter:v4.2.0
libssh4-0.8.7-10.12.1
Container ses/7/prometheus-webhook-snmp:latest
libssh4-0.8.7-10.12.1
Container ses/7/rook/ceph:latest
libssh4-0.8.7-10.12.1
Container suse/pcp:latest
libssh4-0.8.7-10.12.1
Container suse/rmt-mariadb-client:latest
libssh4-0.8.7-10.12.1
Container suse/rmt-mariadb:latest
libssh4-0.8.7-10.12.1
Container suse/rmt-nginx:latest
libssh4-0.8.7-10.12.1
Container suse/rmt-server:latest
libssh4-0.8.7-10.12.1
Container suse/sle-micro/5.0/toolbox:latest
libssh4-0.8.7-10.12.1
Container suse/sle15:15.1
libssh4-0.8.7-10.12.1
Container suse/sle15:15.3
libssh4-0.8.7-10.12.1
Container suse/sles/15.2/virt-api:0.38.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.2/virt-controller:0.38.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.2/virt-handler:0.38.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.2/virt-launcher:0.38.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.2/virt-operator:0.38.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/cdi-apiserver:1.37.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/cdi-cloner:1.37.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/cdi-controller:1.37.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/cdi-importer:1.37.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/cdi-operator:1.37.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/cdi-uploadproxy:1.37.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/cdi-uploadserver:1.37.1
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/libguestfs-tools:0.45.0
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/virt-api:0.45.0
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/virt-controller:0.45.0
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/virt-handler:0.45.0
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/virt-launcher:0.45.0
libssh4-0.8.7-10.12.1
Container suse/sles/15.3/virt-operator:0.45.0
libssh4-0.8.7-10.12.1
Container trento/trento-db:latest
libssh4-0.8.7-10.12.1
Container trento/trento-runner:latest
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Azure-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Azure-HPC-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-CAP-Deployment-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP1-CAP-Deployment-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP1-CHOST-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP1-CHOST-BYOS-EC2
libssh4-0.8.7-10.12.1
Image SLES15-SP1-CHOST-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP1-EC2-HPC-HVM-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-EC2-HVM-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-GCE-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy
libssh4-0.8.7-10.12.1
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
libssh4-0.8.7-10.12.1
Image SLES15-SP1-OCI-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-Azure-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-EC2-HVM-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-GCE-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAP-OCI-BYOS
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAPCAL-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAPCAL-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP1-SAPCAL-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Azure-Basic
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Azure-Standard
libssh4-0.8.7-10.12.1
Image SLES15-SP2-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP2-CAP-Deployment-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-CHOST-BYOS-Aliyun
libssh4-0.8.7-10.12.1
Image SLES15-SP2-CHOST-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-CHOST-BYOS-EC2
libssh4-0.8.7-10.12.1
Image SLES15-SP2-CHOST-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP2-EC2-ECS-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP2-HPC-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-HPC-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-HPC-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP2-SAP-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-SAP-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-SAP-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP2-SAP-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP2-SAP-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP3-EC2-ECS-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP3-EC2-HVM
libssh4-0.8.7-10.12.1
libssh4-32bit-0.8.7-10.12.1
Image SLES15-SP3-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP3-HPC-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libssh4-0.8.7-10.12.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libssh4-0.8.7-10.12.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP3-Micro-BYOS-GCE
libssh4-0.8.7-10.12.1
Image SLES15-SP3-SAP-Azure
libssh4-0.8.7-10.12.1
libssh4-32bit-0.8.7-10.12.1
Image SLES15-SP3-SAP-EC2-HVM
libssh4-0.8.7-10.12.1
libssh4-32bit-0.8.7-10.12.1
Image SLES15-SP3-SAP-GCE
libssh4-0.8.7-10.12.1
libssh4-32bit-0.8.7-10.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP1
libssh-devel-0.8.7-10.12.1
libssh4-0.8.7-10.12.1
libssh4-32bit-0.8.7-10.12.1

Ссылки

Описание

A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.

Затронутые продукты
Container bci/bci-init:15.3:libssh4-0.8.7-10.12.1
Container bci/dotnet-aspnet:3.1:libssh4-0.8.7-10.12.1
Container bci/dotnet-aspnet:5.0:libssh4-0.8.7-10.12.1
Container bci/dotnet-aspnet:latest:libssh4-0.8.7-10.12.1
Ссылки
Уязвимость SUSE-SU-2020:0967-1