ELSA-2022-2031

ELSA-2022-2031 - libssh security, bug fix, and enhancement update

Type:SECURITY
Severity:LOW
Release Date:2022-05-17

Description


[0.9.6-3]
- Remove STI tests

[0.9.6-2]
- Remove bad patch causing errors
- Adding BuildRequires for openssh (SSHD support)

[0.9.6-1]
- Fix CVE-2021-3634: Fix possible heap-buffer overflow when
rekeying with different key exchange mechanism
- Rebase to version 0.9.6
- Rename SSHD_EXECUTABLE to SSH_EXECUTABLE in tests/torture.c
- Resolves: rhbz#1896651, rhbz#1994600

[0.9.4-4]
- Revert previous commit as it is incorrect.

[0.9.6-1]
- Fix CVE-2021-3634: Fix possible heap-buffer overflow when
rekeying with different key exchange mechanism (#1978810)


Related CVEs


CVE-2021-3634

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) libssh-0.9.6-3.el8.src.rpm4a44fde6c9ca89483ff68da6155c1044-
libssh-0.9.6-3.el8.aarch64.rpmad29faa589cfdf591c76e09cc178bb58-
libssh-config-0.9.6-3.el8.noarch.rpmad16939b1563d8a275771a060cb70abe-
libssh-devel-0.9.6-3.el8.aarch64.rpm9c9bad9eb84efc1fb5dac56bc76b5ed7-
Oracle Linux 8 (x86_64) libssh-0.9.6-3.el8.src.rpm4a44fde6c9ca89483ff68da6155c1044-
libssh-0.9.6-3.el8.i686.rpm01930b425e4feacdeee50d01219c701d-
libssh-0.9.6-3.el8.x86_64.rpmae50275971d75fb8ff54f31b4576308f-
libssh-config-0.9.6-3.el8.noarch.rpmad16939b1563d8a275771a060cb70abe-
libssh-devel-0.9.6-3.el8.i686.rpmd63d4584ac48d7763b93b2f3cbc9a9c0-
libssh-devel-0.9.6-3.el8.x86_64.rpm0f8e964f197af95ed802d58b4ea44746-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete