Package libssh2: Information
Default inline alert: Version in the repository: 1.9.0-alt2
Source package: libssh2
Version: 1.8.1-alt1
Build time: Mar 24, 2019, 02:41 AM in the task #225575
Category: Networking/Remote access
Report package bugHome page: http://www.libssh2.org/
License: BSD
Summary: A library implementing the SSH2 protocol
Description:
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10).
List of rpms provided by this srpm:
libssh2 (x86_64, i586, aarch64)
libssh2-debuginfo (x86_64, i586, aarch64)
libssh2-devel (x86_64, i586, aarch64)
libssh2-docs (noarch)
libssh2 (x86_64, i586, aarch64)
libssh2-debuginfo (x86_64, i586, aarch64)
libssh2-devel (x86_64, i586, aarch64)
libssh2-docs (noarch)
Maintainer: Alexey Shabalin
Last changed
March 24, 2019 Alexey Shabalin 1.8.1-alt1
- 1.8.1 - Fixes for the following security vulnerabilities: + Fixed possible integer overflow when reading a specially crafted packet (CVE-2019-3855) + Fixed possible integer overflow in userauth_keyboard_interactive with a number of extremely long prompt strings (CVE-2019-3863) + Fixed possible integer overflow if the server sent an extremely large number of keyboard prompts (CVE-2019-3856) + Fixed possible out of bounds read when processing a specially crafted packet (CVE-2019-3861) + Fixed possible integer overflow when receiving a specially crafted exit signal message channel packet (CVE-2019-3857) + Fixed possible out of bounds read when receiving a specially crafted exit status message channel packet (CVE-2019-3862) + Fixed possible zero byte allocation when reading a specially crafted SFTP packet (CVE-2019-3858) + Fixed possible out of bounds reads when processing specially crafted SFTP packets (CVE-2019-3860) + Fixed possible out of bounds reads in _libssh2_packet_require(v) (CVE-2019-3859)
Aug. 31, 2018 Alexey Shabalin 1.8.0-alt1
- 1.8.0 - build with openssl-1.1
Nov. 25, 2015 Anton V. Boyarshinov 1.4.3-alt2
- CVE-2015-1782 fixed