[SECURITY] [DLA 1730-2] libssh2 regression update

Package : libssh2 Version : 1.4.3-4.1+deb8u3 CVE ID : CVE-2019-3859 This regression update follows up on an upstream regression update 1 regarding CVE-2019-3859. With the previous libssh2 package revision, it was observed that user authentication with private/public key pairs would fail under...

Critical Photon OS Security Update - PHSA-2019-0222

Updates of 'libssh2' packages of Photon OS have been released...

DLA-1730-2 libssh2 - regression update

Bulletin has no description...

CentOS 7 : libssh2 (CESA-2019:0679)

An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0146

An update of 'python2', 'libssh2' packages of Photon OS has been released...

Critical Photon OS Security Update - PHSA-2019-0220

Updates of 'systemd', 'cairo', 'libssh2', 'haproxy', 'dhcp', 'python2' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2019-0008

Updates of 'binutils', 'libssh2', 'cairo' packages of Photon OS have been released...

Oracle Linux 7 : libssh2 (ELSA-2019-0679)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-0679 advisory. - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix integer overflow in SSH packet processing...

Important Photon OS Security Update - PHSA-2019-3.0-0008

Updates of 'libssh2', 'binutils', 'cairo' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2019-0146

Updates of 'libssh2' packages of Photon OS have been released...

Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20190328)

Security Fixes : - libssh2: Integer overflow in transport read resulting in out of bounds write CVE-2019-3855 - libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write CVE-2019-3856 - libssh2: Integer overflow in SSH packet processing channel resulting in out o...

RHEL 7 : libssh2 (RHSA-2019:0679)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:0679 advisory. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fixes: libssh2: Integer overflow in transport read...

libssh2: Integer overflow in transport read resulting in out of bounds write

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server...

libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write

An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server...

libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSHMSGCHANNELREQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server...

Important: Red Hat Security Advisory: libssh2 security update

An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

Vulnerabilities fixed in libSSH2

There are vulnerabilities in libSSH2. LibSSH2 is a client side C library for implementing the SSH2 protocol. A malicious person in control of a compromised SSH server can construct a follow-up attack on systems that have connected to the compromised SSH server. Misuse could potentially lead to th...

libssh2 security update

1.4.3-12.el76.2 - sanitize public header file detected by rpmdiff 1.4.3-12.el76.1 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes CVE-2019-3863 - fix integer overflow in SSH packet processing channel resulting in out of bounds write CVE-2019-3857 - fix...

PT-2019-6236 · Libssh2 +3 · Libssh2 +3

Name of the Vulnerable Software and Affected Versions: libssh2 versions prior to 1.9.0 Description: The issue is related to an integer overflow in the kex method diffie hellman group exchange sha256 key exchange function of the kex.c component in the Libssh2 library, which implements the SSH2...

openSUSE Security Update : curl (openSUSE-2019-435)

This update for curl to version 7.60.0 fixes the following issues : These security issues were fixed : - CVE-2018-1000300: Prevent heap-based buffer overflow when closing down an FTP connection with very long server command replies bsc1092094. - CVE-2018-1000301: Prevent buffer over-read that cou...