libssh2 1.8.0-2.1 source package in Ubuntu

Changelog

libssh2 (1.8.0-2.1) unstable; urgency=high

  * Non-maintainer upload.
  * Possible integer overflow in transport read allows out-of-bounds write
    (CVE-2019-3855) (Closes: #924965)
  * Possible integer overflow in keyboard interactive handling allows
    out-of-bounds write (CVE-2019-3856) (Closes: #924965)
  * Possible integer overflow leading to zero-byte allocation and
    out-of-bounds write (CVE-2019-3857) (Closes: #924965)
  * Possible zero-byte allocation leading to an out-of-bounds read
    (CVE-2019-3858) (Closes: #924965)
  * Out-of-bounds reads with specially crafted payloads due to unchecked use
    of _libssh2_packet_require and _libssh2_packet_requirev (CVE-2019-3859)
    (Closes: #924965)
  * Out-of-bounds reads with specially crafted SFTP packets (CVE-2019-3860)
    (Closes: #924965)
  * Out-of-bounds reads with specially crafted SSH packets (CVE-2019-3861)
    (Closes: #924965)
  * Out-of-bounds memory comparison (CVE-2019-3862) (Closes: #924965)
  * Integer overflow in user authenicate keyboard interactive allows
    out-of-bounds writes (CVE-2019-3863) (Closes: #924965)
  * Fixed misapplied patch for user auth.
  * moved MAX size declarations

 -- Salvatore Bonaccorso <email address hidden>  Sun, 31 Mar 2019 16:06:20 +0200

Upload details

Uploaded by:
Mikhail Gusarov on 2019-04-03
Uploaded to:
Sid
Original maintainer:
Mikhail Gusarov
Architectures:
any
Section:
libs
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Eoan release on 2019-04-18 universe libs
Disco release on 2019-04-03 universe libs

Downloads

File Size SHA-256 Checksum
libssh2_1.8.0-2.1.dsc 1.9 KiB 33f070a4a32db5d3952457986d8f80c9cf874dd144d81f5bce062171564b35d9
libssh2_1.8.0.orig.tar.gz 827.1 KiB 4382d33de790b28f862e53ed59ffbd65f3def7a06e8b6e9ca1b6f70453b4d5e0
libssh2_1.8.0-2.1.debian.tar.xz 13.7 KiB e3c34166cddaba7f2162132ef4f4bdc1490c499ee6610bde81f773adef43489e

Available diffs

No changes file available.

Binary packages built by this source

libssh2-1: SSH2 client-side library

 libssh2 is a client-side C library implementing the SSH2 protocol.
 It supports regular terminal, SCP and SFTP (v1-v5) sessions;
 port forwarding, X11 forwarding; password, key-based and
 keyboard-interactive authentication.
 .
 This package contains the runtime library.

libssh2-1-dbgsym: debug symbols for libssh2-1
libssh2-1-dev: SSH2 client-side library (development headers)

 libssh2 is a client-side C library implementing the SSH2 protocol.
 It supports regular terminal, SCP and SFTP (v1-v5) sessions;
 port forwarding, X11 forwarding; password, key-based and
 keyboard-interactive authentication.
 .
 This package contains the development files.