libssh2 security update

2019-07-31T13:39:10
ID CESA-2019:1884
Type centos
Reporter CentOS Project
Modified 2019-07-31T13:39:10

Description

CentOS Errata and Security Advisory CESA-2019:1884

The libssh2 packages provide a library that implements the SSH2 protocol.

Security Fix(es):

  • libssh2: Out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Merged security bulletin from advisories: http://lists.centos.org/pipermail/centos-announce/2019-July/023383.html

Affected packages: libssh2 libssh2-devel libssh2-docs

Upstream details at: