openSUSE-SU-2018:3245-1

Опубликовано: 19 окт. 2018

Источник: suse-cvrf

Описание

Security update for libssh

This update for libssh fixes the following security issue:

CVE-2018-10933: Fixed a server mode authentication bypass (boo#1108020).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.3

libssh-0.6.3-17.1

libssh-devel-0.6.3-17.1

libssh-devel-doc-0.6.3-17.1

libssh4-0.6.3-17.1

libssh4-32bit-0.6.3-17.1

Ссылки

https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00042.html
E-Mail link for openSUSE-SU-2018:3245-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings

Описание

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

Затронутые продукты

openSUSE Leap 42.3:libssh-0.6.3-17.1

openSUSE Leap 42.3:libssh-devel-0.6.3-17.1

openSUSE Leap 42.3:libssh-devel-doc-0.6.3-17.1

openSUSE Leap 42.3:libssh4-0.6.3-17.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-10933.html
CVE-2018-10933
https://bugzilla.suse.com/1108020
SUSE Bug 1108020
https://bugzilla.suse.com/1122198
SUSE Bug 1122198

openSUSE-SU-2018:3245-1

Описание

Список пакетов

openSUSE Leap 42.3

Ссылки

Уязвимость: CVE-2018-10933

Описание

Затронутые продукты

Ссылки