Debian Bug report logs -
#924965
libssh2: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863
Package:
src:libssh2;
Maintainer for src:libssh2 is Mikhail Gusarov <dottedmag@debianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: ...
Chris Coulson discovered several vulnerabilities in libssh2, a SSH2
client-side library, which could result in denial of service,
information leaks or the execution of arbitrary code
For the stable distribution (stretch), these problems have been fixed in
version 170-1+deb9u1
We recommend that you upgrade your libssh2 packages
For the detailed ...
Synopsis
Important: libssh2 security update
Type/Severity
Security Advisory: Important
Topic
An update for libssh2 is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis
Important: libssh2 security update
Type/Severity
Security Advisory: Important
Topic
An update for libssh2 is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis
Important: libssh2 security update
Type/Severity
Security Advisory: Important
Topic
An update for libssh2 is now available for Red Hat Enterprise Linux 73 Advanced Update Support, Red Hat Enterprise Linux 73 Telco Extended Update Support, and Red Hat Enterprise Linux 73 Update Services for SAP S ...
Synopsis
Important: libssh2 security update
Type/Severity
Security Advisory: Important
Topic
An update for libssh2 is now available for Red Hat Enterprise Linux 75 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: libssh2 security update
Type/Severity
Security Advisory: Important
Topic
An update for libssh2 is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Synopsis
Important: virt:rhel security update
Type/Severity
Security Advisory: Important
Topic
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CV ...
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server(CVE-2019-3856)
An integer overflow flaw which could lead to an out of boun ...
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server(CVE-2019-3855)
An integer overflow flaw which could lead to an out of bounds wr ...
An issue has been found in libssh2 before 181 where a server could send a SSH_MSG_CHANNEL_REQUEST packet with an exit signal message with a length of max unsigned integer value The length would then have a value of 1 added to it and used to allocate memory causing a possible memory write out of bounds error or zero byte allocation ...
Vulmon