Ubuntu

“libssh” 0.4.2-1ubuntu1.1 source package in The Lucid Lynx

Publishing history

0.4.2-1ubuntu1.1
SUPERSEDED: Lucid pocket Updates in component main and section libs
  • Removed from disk on 2013-01-30.
  • Removal requested on 2013-01-29.
  • Superseded on 2013-01-28 by libssh - 0.4.2-1ubuntu1.2
  • Published on 2012-11-26
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
0.4.2-1ubuntu1.1
SUPERSEDED: Lucid pocket Security in component main and section libs
  • Removed from disk on 2013-01-30.
  • Removal requested on 2013-01-29.
  • Superseded on 2013-01-28 by libssh - 0.4.2-1ubuntu1.2
  • Published on 2012-11-26
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

libssh (0.4.2-1ubuntu1.1) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    multiple double free flaws
    - debian/patches/CVE-2012-4559.patch: properly do frees in
      libssh/agent.c, libssh/channels.c, libssh/sftp.c.
    - CVE-2012-4559
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple invalid free flaws
    - debian/patches/CVE-2012-4561.patch: properly zero structs in
      libssh/keys.c.
    - CVE-2012-4561
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple improper overflow checks
    - debian/patches/CVE-2012-4562.patch: do proper overflow checks in
      libssh/buffer.c, libssh/dh.c, libssh/string.c.
    - CVE-2012-4562
 -- Marc Deslauriers <email address hidden>   Thu, 22 Nov 2012 14:32:59 -0500