Ubuntu

“libssh” 0.5.2-1ubuntu0.12.10.1 source package in The Quantal Quetzal

Publishing history

0.5.2-1ubuntu0.12.10.1
SUPERSEDED: Quantal pocket Updates in component main and section libs
  • Removed from disk on 2013-01-30.
  • Removal requested on 2013-01-29.
  • Superseded on 2013-01-28 by libssh - 0.5.2-1ubuntu0.12.10.2
  • Published on 2012-11-26
  • Copied from ubuntu quantal in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot
0.5.2-1ubuntu0.12.10.1
SUPERSEDED: Quantal pocket Security in component main and section libs
  • Removed from disk on 2013-01-30.
  • Removal requested on 2013-01-29.
  • Superseded on 2013-01-28 by libssh - 0.5.2-1ubuntu0.12.10.2
  • Published on 2012-11-26
  • Copied from ubuntu quantal in Private PPA for Ubuntu Security Team by Marc Deslauriers

Builds

Changelog

libssh (0.5.2-1ubuntu0.12.10.1) quantal-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    multiple double free flaws
    - debian/patches/CVE-2012-4559.patch: properly do frees in src/agent.c,
      src/channels.c, src/sftp.c.
    - CVE-2012-4559
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple buffer overflows
    - debian/patches/CVE-2012-4560.patch: properly calculate sizes in
      src/misc.c.
    - CVE-2012-4560
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple invalid free flaws
    - debian/patches/CVE-2012-4561.patch: don't use after free in
      src/keyfiles.c, properly zero structs in src/keys.c.
    - CVE-2012-4561
  * SECURITY UPDATE: denial of service and possible code execution via
    multiple improper overflow checks
    - debian/patches/CVE-2012-4562.patch: do proper overflow checks in
      src/buffer.c, src/dh.c, src/string.c.
    - CVE-2012-4562
 -- Marc Deslauriers <email address hidden>   Thu, 22 Nov 2012 13:34:54 -0500