Security fix for the ALT Linux 9 package libssh version 0.8.4-alt1

Oct. 17, 2018 Sergey V Turchin 0.8.4-alt1 - new version - security fix: CVE-2018-10933...

SUSE-SU-2018:3162-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2018-10933: Fixed a server mode authentication bypass bsc1108020...

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

MGASA-2016-0082 Updated libssh packages fix CVE-2016-0739

Updated libssh packages fix security vulnerability: libssh versions 0.1 and above have a bits/bytes confusion bug and generate an abnormally short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the...

SUSE-SU-2015:1707-1 Security update for libssh

The encryption library libssh was updated to fix one security issue. The following vulnerability was fixed: CVE-2015-3146: Unauthenticated remote attackers could crash the server or client with specially crafted packages...

SUSE-SU-2015:1707-2 Security update for libssh

The encryption library libssh was updated to fix one security issue. The following vulnerability was fixed: CVE-2015-3146: Unauthenticated remote attackers could crash the server or client with specially crafted packages...

CVE-2014-8132

Double free vulnerability in the sshpacketkexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet...