Описание
Security update for libssh
This update for libssh fixes the following issues:
- CVE-2018-10933: Fixed a server mode authentication bypass (bsc#1108020).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
libssh-0.7.5-lp150.5.3.1
libssh-devel-0.7.5-lp150.5.3.1
libssh-devel-doc-0.7.5-lp150.5.3.1
libssh4-0.7.5-lp150.5.3.1
libssh4-32bit-0.7.5-lp150.5.3.1
Ссылки
- E-Mail link for openSUSE-SU-2018:3200-1
- SUSE Security Ratings
Описание
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
Затронутые продукты
openSUSE Leap 15.0:libssh-0.7.5-lp150.5.3.1
openSUSE Leap 15.0:libssh-devel-0.7.5-lp150.5.3.1
openSUSE Leap 15.0:libssh-devel-doc-0.7.5-lp150.5.3.1
openSUSE Leap 15.0:libssh4-0.7.5-lp150.5.3.1
Ссылки
- CVE-2018-10933
- SUSE Bug 1108020
- SUSE Bug 1122198