libssh2 1.8.0-2.1 source package in Ubuntu
Changelog
libssh2 (1.8.0-2.1) unstable; urgency=high
* Non-maintainer upload.
* Possible integer overflow in transport read allows out-of-bounds write
(CVE-2019-3855) (Closes: #924965)
* Possible integer overflow in keyboard interactive handling allows
out-of-bounds write (CVE-2019-3856) (Closes: #924965)
* Possible integer overflow leading to zero-byte allocation and
out-of-bounds write (CVE-2019-3857) (Closes: #924965)
* Possible zero-byte allocation leading to an out-of-bounds read
(CVE-2019-3858) (Closes: #924965)
* Out-of-bounds reads with specially crafted payloads due to unchecked use
of _libssh2_packet_require and _libssh2_packet_requirev (CVE-2019-3859)
(Closes: #924965)
* Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860)
(Closes: #924965)
* Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
(Closes: #924965)
* Out-of-bounds memory comparison (CVE-2019-3862) (Closes: #924965)
* Integer overflow in user authenicate keyboard interactive allows
out-of-bounds writes (CVE-2019-3863) (Closes: #924965)
* Fixed misapplied patch for user auth.
* moved MAX size declarations
-- Salvatore Bonaccorso <email address hidden> Sun, 31 Mar 2019 16:06:20 +0200
Upload details
- Uploaded by:
- Mikhail Gusarov
- Uploaded to:
- Sid
- Original maintainer:
- Mikhail Gusarov
- Architectures:
- any
- Section:
- libs
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libssh2_1.8.0-2.1.dsc | 1.9 KiB | 33f070a4a32db5d3952457986d8f80c9cf874dd144d81f5bce062171564b35d9 |
| libssh2_1.8.0.orig.tar.gz | 827.1 KiB | 4382d33de790b28f862e53ed59ffbd65f3def7a06e8b6e9ca1b6f70453b4d5e0 |
| libssh2_1.8.0-2.1.debian.tar.xz | 13.7 KiB | e3c34166cddaba7f2162132ef4f4bdc1490c499ee6610bde81f773adef43489e |
Available diffs
- diff from 1.8.0-2 to 1.8.0-2.1 (8.4 KiB)
No changes file available.
Binary packages built by this source
- libssh2-1: No summary available for libssh2-1 in ubuntu disco.
No description available for libssh2-1 in ubuntu disco.
- libssh2-1-dbgsym: No summary available for libssh2-1-dbgsym in ubuntu disco.
No description available for libssh2-1-dbgsym in ubuntu disco.
- libssh2-1-dev: No summary available for libssh2-1-dev in ubuntu eoan.
No description available for libssh2-1-dev in ubuntu eoan.
