Publishing details

• Removed from disk on 2020-08-05.
• Removal requested on 2020-08-05.
• Superseded on 2020-08-04 by libssh - 0.6.3-4.3ubuntu0.6
• Published on 2019-12-10
• Copied from ubuntu xenial in Private PPA for Ubuntu Security Team by Marc Deslauriers

Changelog

libssh (0.6.3-4.3ubuntu0.5) xenial-security; urgency=medium

  * SECURITY UPDATE: unsanitized location in scp could lead to unwanted
    command execution
    - debian/patches/CVE-2019-14889-1.patch: reformat code in scp/scp.c.
    - debian/patches/CVE-2019-14889-2.patch: log SCP warnings received from
      the server in src/scp.c.
    - debian/patches/CVE-2019-14889-3.patch: add function to quote file
      names in include/libssh/misc.h, src/misc.c.
    - debian/patches/CVE-2019-14889-4.patch: don't allow file path longer
      than 32kb in src/scp.c.
    - debian/patches/CVE-2019-14889-5.patch: quote location to be used on
      shell in src/scp.c.
    - CVE-2019-14889

 -- Marc Deslauriers <email address hidden>  Tue, 10 Dec 2019 10:32:29 -0500

Builds

• amd64
• arm64
• armhf
• i386
• powerpc
• ppc64el
• s390x

Package files

• libssh-4-dbgsym_0.6.3-4.3ubuntu0.5_amd64.ddeb (1.0 KiB)
• libssh-4-dbgsym_0.6.3-4.3ubuntu0.5_arm64.ddeb (1.0 KiB)
• libssh-4-dbgsym_0.6.3-4.3ubuntu0.5_armhf.ddeb (1.0 KiB)
• libssh-4-dbgsym_0.6.3-4.3ubuntu0.5_i386.ddeb (1.0 KiB)
• libssh-4-dbgsym_0.6.3-4.3ubuntu0.5_powerpc.ddeb (1.0 KiB)
• libssh-4-dbgsym_0.6.3-4.3ubuntu0.5_ppc64el.ddeb (1.0 KiB)
• libssh-4-dbgsym_0.6.3-4.3ubuntu0.5_s390x.ddeb (1.0 KiB)
• libssh-4_0.6.3-4.3ubuntu0.5_amd64.deb (117.6 KiB)
• libssh-4_0.6.3-4.3ubuntu0.5_arm64.deb (93.8 KiB)
• libssh-4_0.6.3-4.3ubuntu0.5_armhf.deb (96.2 KiB)
• libssh-4_0.6.3-4.3ubuntu0.5_i386.deb (131.6 KiB)
• libssh-4_0.6.3-4.3ubuntu0.5_powerpc.deb (100.1 KiB)
• libssh-4_0.6.3-4.3ubuntu0.5_ppc64el.deb (113.3 KiB)
• libssh-4_0.6.3-4.3ubuntu0.5_s390x.deb (108.7 KiB)
• libssh-dbg_0.6.3-4.3ubuntu0.5_amd64.deb (754.9 KiB)
• libssh-dbg_0.6.3-4.3ubuntu0.5_arm64.deb (770.5 KiB)
• libssh-dbg_0.6.3-4.3ubuntu0.5_armhf.deb (732.3 KiB)
• libssh-dbg_0.6.3-4.3ubuntu0.5_i386.deb (631.8 KiB)
• libssh-dbg_0.6.3-4.3ubuntu0.5_powerpc.deb (776.4 KiB)
• libssh-dbg_0.6.3-4.3ubuntu0.5_ppc64el.deb (852.5 KiB)
• libssh-dbg_0.6.3-4.3ubuntu0.5_s390x.deb (735.6 KiB)
• libssh-dev-dbgsym_0.6.3-4.3ubuntu0.5_amd64.ddeb (1.0 KiB)
• libssh-dev-dbgsym_0.6.3-4.3ubuntu0.5_arm64.ddeb (1.0 KiB)
• libssh-dev-dbgsym_0.6.3-4.3ubuntu0.5_armhf.ddeb (1022 bytes)
• libssh-dev-dbgsym_0.6.3-4.3ubuntu0.5_i386.ddeb (1.0 KiB)
• libssh-dev-dbgsym_0.6.3-4.3ubuntu0.5_powerpc.ddeb (1.0 KiB)
• libssh-dev-dbgsym_0.6.3-4.3ubuntu0.5_ppc64el.ddeb (1022 bytes)
• libssh-dev-dbgsym_0.6.3-4.3ubuntu0.5_s390x.ddeb (1.0 KiB)
• libssh-dev_0.6.3-4.3ubuntu0.5_amd64.deb (148.9 KiB)
• libssh-dev_0.6.3-4.3ubuntu0.5_arm64.deb (130.1 KiB)
• libssh-dev_0.6.3-4.3ubuntu0.5_armhf.deb (130.5 KiB)
• libssh-dev_0.6.3-4.3ubuntu0.5_i386.deb (165.8 KiB)
• libssh-dev_0.6.3-4.3ubuntu0.5_powerpc.deb (128.5 KiB)
• libssh-dev_0.6.3-4.3ubuntu0.5_ppc64el.deb (145.5 KiB)
• libssh-dev_0.6.3-4.3ubuntu0.5_s390x.deb (142.1 KiB)
• libssh-doc_0.6.3-4.3ubuntu0.5_all.deb (228.4 KiB)
• libssh-gcrypt-4-dbgsym_0.6.3-4.3ubuntu0.5_amd64.ddeb (1.0 KiB)
• libssh-gcrypt-4-dbgsym_0.6.3-4.3ubuntu0.5_arm64.ddeb (1.0 KiB)
• libssh-gcrypt-4-dbgsym_0.6.3-4.3ubuntu0.5_armhf.ddeb (1.0 KiB)
• libssh-gcrypt-4-dbgsym_0.6.3-4.3ubuntu0.5_i386.ddeb (1.0 KiB)
• libssh-gcrypt-4-dbgsym_0.6.3-4.3ubuntu0.5_powerpc.ddeb (1.0 KiB)
• libssh-gcrypt-4-dbgsym_0.6.3-4.3ubuntu0.5_ppc64el.ddeb (1.0 KiB)
• libssh-gcrypt-4-dbgsym_0.6.3-4.3ubuntu0.5_s390x.ddeb (1.0 KiB)
• libssh-gcrypt-4_0.6.3-4.3ubuntu0.5_amd64.deb (117.3 KiB)
• libssh-gcrypt-4_0.6.3-4.3ubuntu0.5_arm64.deb (93.3 KiB)
• libssh-gcrypt-4_0.6.3-4.3ubuntu0.5_armhf.deb (95.7 KiB)
• libssh-gcrypt-4_0.6.3-4.3ubuntu0.5_i386.deb (130.9 KiB)
• libssh-gcrypt-4_0.6.3-4.3ubuntu0.5_powerpc.deb (99.8 KiB)
• libssh-gcrypt-4_0.6.3-4.3ubuntu0.5_ppc64el.deb (114.6 KiB)
• libssh-gcrypt-4_0.6.3-4.3ubuntu0.5_s390x.deb (107.6 KiB)
• libssh-gcrypt-dev-dbgsym_0.6.3-4.3ubuntu0.5_amd64.ddeb (1.0 KiB)
• libssh-gcrypt-dev-dbgsym_0.6.3-4.3ubuntu0.5_arm64.ddeb (1.0 KiB)
• libssh-gcrypt-dev-dbgsym_0.6.3-4.3ubuntu0.5_armhf.ddeb (1.0 KiB)
• libssh-gcrypt-dev-dbgsym_0.6.3-4.3ubuntu0.5_i386.ddeb (1.0 KiB)
• libssh-gcrypt-dev-dbgsym_0.6.3-4.3ubuntu0.5_powerpc.ddeb (1.0 KiB)
• libssh-gcrypt-dev-dbgsym_0.6.3-4.3ubuntu0.5_ppc64el.ddeb (1022 bytes)
• libssh-gcrypt-dev-dbgsym_0.6.3-4.3ubuntu0.5_s390x.ddeb (1.0 KiB)
• libssh-gcrypt-dev_0.6.3-4.3ubuntu0.5_amd64.deb (148.7 KiB)
• libssh-gcrypt-dev_0.6.3-4.3ubuntu0.5_arm64.deb (129.7 KiB)
• libssh-gcrypt-dev_0.6.3-4.3ubuntu0.5_armhf.deb (130.0 KiB)
• libssh-gcrypt-dev_0.6.3-4.3ubuntu0.5_i386.deb (164.9 KiB)
• libssh-gcrypt-dev_0.6.3-4.3ubuntu0.5_powerpc.deb (128.0 KiB)
• libssh-gcrypt-dev_0.6.3-4.3ubuntu0.5_ppc64el.deb (146.5 KiB)
• libssh-gcrypt-dev_0.6.3-4.3ubuntu0.5_s390x.deb (141.6 KiB)
• libssh_0.6.3-4.3ubuntu0.5.debian.tar.xz (35.1 KiB)
• libssh_0.6.3-4.3ubuntu0.5.dsc (2.4 KiB)
• libssh_0.6.3.orig.tar.xz (272.9 KiB)