[slackware-security] libssh

New libssh packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/libssh-0.6.4-i486-1slack14.1.txz: Upgraded. This update fixes some security issues. For more information, see:...

Slackware 14.0 / 14.1 / current : libssh (SSA:2015-111-04)

New libssh packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-111-04. The text itself is copyright C...

Mandriva Linux Security Advisory : libssh (MDVSA-2015:086)

Updated libssh packages fix security vulnerabilities : When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RANDbytes function of openssl doesn't reset its state after the fork, but simply adds the current...

Ubuntu: Security Advisory (USN-2478-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu Patches Several Security Flaws

Ubuntu has released a number of patches for security vulnerabilities in several versions of the OS, including some remote code execution flaws in Thunderbird, which is included with Ubuntu. Thunderbird is Mozilla’s email client, and the company recently fixed several memory corruption...

Ubuntu 14.04 LTS : libssh vulnerability (USN-2478-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2478-1 advisory. It was discovered that libssh incorrectly handled certain kexinit packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in ...

USN-2478-1: libssh vulnerability

It was discovered that libssh incorrectly handled certain kexinit packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service...

USN-2478-1 libssh vulnerability

It was discovered that libssh incorrectly handled certain kexinit packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service...

libssh: denial of service

It was discovered that a double free vulnerability in the sshpacketkexinit function in kex.c allows remote attackers to cause a denial of service via a crafted kexinit packet...

Libssh ssh_packet_kexinit() Double-free Memory DoS

The remote libssh server contains a double-free memory flaw in the sshpacketkexinit function in kex.c. A remote attacker, with a specially crafted SSHMSGKEXINIT packet, can cause a denial of service. TRUSTED...

[ MDVSA-2015:020 ] libssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:020 http://www.mandriva.com/en/support/security/ Package : libssh Date : January 12, 2015 Affected: Business Server 1.0 Problem Description: Updated libssh packages fix security vulnerability: Double free...

Mandriva Linux Security Advisory : libssh (MDVSA-2015:020)

Updated libssh packages fix security vulnerability : Double free vulnerability in the sshpacketkexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet CVE-2014-8132. %NASLMINLEVEL 70300 C Tenable Network...

libssh double free vulnerability

sshpacketkexinit double free vulnerability...

openSUSE Security Update : libssh (openSUSE-SU-2015:0017-1)

This update fixed the following security issue : - Fix CVE-2014-8132: Double free on dangling pointers in initial key exchange packet; bsc910790. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Updat...

MGASA-2015-0014 Updated libssh packages fix CVE-2014-8132

Updated libssh packages fix security vulnerability: Double free vulnerability in the sshpacketkexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet CVE-2014-8132...

Updated libssh packages fix CVE-2014-8132

Updated libssh packages fix security vulnerability: Double free vulnerability in the sshpacketkexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet CVE-2014-8132...

Fedora Update for libssh FEDORA-2014-17324

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 20 : libssh-0.6.4-1.fc20 (2014-17303)

Security fix for CVE-2014-8132. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

Fedora Update for libssh FEDORA-2014-17303

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for libssh FEDORA-2014-17354

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...