ELSA-2019-2136
- ULN >
- Oracle Linux Errata repository >
- ELSA-2019-2136
ELSA-2019-2136 - libssh2 security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2019-08-13 |
Description
[1.8.0-3]
- sanitize public header file (detected by rpmdiff)
[1.8.0-2]
- fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863)
- fix out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862)
- fix out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
- fix zero-byte allocation in SFTP packet processing resulting in out-of-bounds read (CVE-2019-3858)
- fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857)
- fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856)
- fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855)
[1.8.0-1]
- rebase to 1.8.0 (#1592784)
Related CVEs
| CVE-2019-3858 |
| CVE-2019-3861 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
| Oracle Linux 7 (aarch64) | libssh2-1.8.0-3.el7.src.rpm | fa9e4be43827eefe10d5992e6c4c7bc3 | ELSA-2020-3915 |
| libssh2-1.8.0-3.el7.aarch64.rpm | 8314a593cc0cd3e0070cf995f3d81ca4 | ELSA-2020-3915 | |
| libssh2-devel-1.8.0-3.el7.aarch64.rpm | 428d7798a02be82130d0130e0c087148 | ELSA-2020-3915 | |
| libssh2-docs-1.8.0-3.el7.noarch.rpm | a96542c91ae324eb11cd1af3209b8bef | ELSA-2020-3915 | |
| Oracle Linux 7 (x86_64) | libssh2-1.8.0-3.el7.src.rpm | fa9e4be43827eefe10d5992e6c4c7bc3 | ELSA-2020-3915 |
| libssh2-1.8.0-3.el7.i686.rpm | 2126467be72885eab71fc909af7f508a | ELSA-2020-3915 | |
| libssh2-1.8.0-3.el7.x86_64.rpm | 063bf3841994d3c9135a7bc2ca34996f | ELSA-2020-3915 | |
| libssh2-devel-1.8.0-3.el7.i686.rpm | dc540fdd4a4225a0df84d96b7727caa8 | ELSA-2020-3915 | |
| libssh2-devel-1.8.0-3.el7.x86_64.rpm | de50e2282f7881819272d90368a07d97 | ELSA-2020-3915 | |
| libssh2-docs-1.8.0-3.el7.noarch.rpm | a96542c91ae324eb11cd1af3209b8bef | ELSA-2020-3915 | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
