Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2015-111-04
HistoryApr 22, 2015 - 1:20 a.m.

[slackware-security] libssh

2015-04-2201:20:42
Slackware Linux Project
www.slackware.com
15

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.163 Low

EPSS

Percentile

96.0%

JSON

New libssh packages are available for Slackware 14.0, 14.1, and -current to
fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:

patches/packages/libssh-0.6.4-i486-1_slack14.1.txz: Upgraded.
This update fixes some security issues.
For more information, see:
https://vulners.com/cve/CVE-2014-0017
https://vulners.com/cve/CVE-2014-8132
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the β€œGet Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/libssh-0.6.4-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/libssh-0.6.4-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/libssh-0.6.4-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/libssh-0.6.4-x86_64-1_slack14.1.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/l/libssh-0.6.4-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/l/libssh-0.6.4-x86_64-1.txz

MD5 signatures:

Slackware 14.0 package:
c065d69fa6b9cf505a961845bc4fbd63 libssh-0.6.4-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
83dbdfb47b8a5339ca2ab36d2c8502ed libssh-0.6.4-x86_64-1_slack14.0.txz

Slackware 14.1 package:
62d39ea5f47fe14ae714f8b81cf4e329 libssh-0.6.4-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
4746fe327a9d1ef85662e2e1aa8ff61b libssh-0.6.4-x86_64-1_slack14.1.txz

Slackware -current package:
c3fda7dab2df2cd4226a353c6855c1f1 l/libssh-0.6.4-i486-1.txz

Slackware x86_64 -current package:
b90eff88f87b47115bbfd559909e3c67 l/libssh-0.6.4-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg libssh-0.6.4-i486-1_slack14.1.txz

Related

openvas 19
fedora 6
nessus 22
ubuntucve 2
debiancve 2
cve 2
ubuntu 2
prion 2
securityvulns 4
archlinux 1
nvd 2
mageia 2
cvelist 2
seebug 1
altlinux 3
debian 3
gentoo 2
osv 2
freebsd 1
openvas
openvas
Slackware: Security Advisory (SSA:2015-111-04)
2022-04-21 00:00:00
Fedora Update for libssh FEDORA-2014-17303
2015-01-05 00:00:00
Fedora Update for libssh FEDORA-2014-17354
2015-01-05 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: libssh-0.6.4-1.fc19
2015-01-03 18:58:56
[SECURITY] Fedora 20 Update: libssh-0.6.4-1.fc20
2015-01-03 19:10:54
[SECURITY] Fedora 21 Update: libssh-0.6.4-1.fc21
2015-01-03 19:12:28
nessus
nessus
Mandriva Linux Security Advisory : libssh (MDVSA-2015:086)
2015-03-30 00:00:00
Slackware 14.0 / 14.1 / current : libssh (SSA:2015-111-04)
2015-04-22 00:00:00
Fedora 20 : libssh-0.6.4-1.fc20 (2014-17303)
2015-01-05 00:00:00
ubuntucve
ubuntucve
CVE-2014-8132
2014-12-28 00:00:00
CVE-2014-0017
2014-03-05 00:00:00
debiancve
debiancve
CVE-2014-8132
2014-12-29 00:59:00
CVE-2014-0017
2014-03-14 15:55:05
cve
cve
CVE-2014-8132
2014-12-29 00:59:00
CVE-2014-0017
2014-03-14 15:55:05
ubuntu
ubuntu
libssh vulnerability
2015-01-19 00:00:00
libssh vulnerability
2014-03-12 00:00:00
prion
prion
Double free
2014-12-29 00:59:00
Cross site request forgery (csrf)
2014-03-14 15:55:00
securityvulns
securityvulns
[ MDVSA-2015:020 ] libssh
2015-01-13 00:00:00
libssh double free vulnerability
2015-01-13 00:00:00
[USN-2145-1] libssh vulnerability
2014-03-13 00:00:00
archlinux
archlinux
libssh: denial of service
2015-01-19 00:00:00
nvd
nvd
CVE-2014-8132
2014-12-29 00:59:00
CVE-2014-0017
2014-03-14 15:55:05
mageia
mageia
Updated libssh packages fix CVE-2014-8132
2015-01-08 15:36:22
Updated libssh package fixes security vulnerability
2014-03-06 03:17:12
cvelist
cvelist
CVE-2014-8132
2014-12-29 00:00:00
CVE-2014-0017
2014-03-14 15:00:00
seebug
seebug
LibsshιšζœΊε·η η”Ÿζˆε™¨ζΌζ΄ž(CVE-2014-0017)
2014-03-07 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 7 package libssh version 0.6.3-alt1
2014-03-25 00:00:00
Security fix for the ALT Linux 8 package libssh version 0.6.3-alt1
2014-03-25 00:00:00
Security fix for the ALT Linux 9 package libssh version 0.6.3-alt1
2014-03-25 00:00:00
debian
debian
[SECURITY] [DSA 2879-1] libssh security update
2014-03-13 21:54:28
[SECURITY] [DSA 3488-1] libssh security update
2016-02-23 16:37:38
[SECURITY] [DSA 3488-1] libssh security update
2016-02-23 16:37:38
gentoo
gentoo
LibSSH: Information disclosure
2014-08-10 00:00:00
libssh and libssh2: Multiple vulnerabilities
2016-06-26 00:00:00
osv
osv
libssh - security update
2014-03-13 00:00:00
libssh - security update
2016-02-23 00:00:00
freebsd
freebsd
libssh -- PRNG state reuse on forking servers
2014-03-05 00:00:00

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.163 Low

EPSS

Percentile

96.0%

JSON
Related for SSA-2015-111-04
openvas19fedora6nessus22ubuntucve2debiancve2cve2ubuntu2prion2securityvulns4archlinux1nvd2mageia2cvelist2seebug1altlinux3debian3gentoo2osv2freebsd1