| Name: | libssh2 |
|---|---|
| Version: | 1.4.3 |
| Release: | 12.0.1.el7_6.3 |
| Architecture: | aarch64 |
| Group: | System Environment/Libraries |
| Size: | 370478 |
| License: | BSD |
| RPM: | libssh2-1.4.3-12.0.1.el7_6.3.aarch64.rpm |
| Source RPM: | libssh2-1.4.3-12.0.1.el7_6.3.src.rpm |
| Build Date: | Mon Jul 29 2019 |
| Build Host: | ca-buildarm04.us.oracle.com |
| Vendor: | Oracle America |
| URL: | http://www.libssh2.org/ |
| Summary: | A library implementing the SSH2 protocol |
| Description: | libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25), SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*, SECSH-DHGEX(04), and SECSH-NUMBERS(10). |
- Bump and rebuild.
- fix out-of-bounds memory comparison with specially crafted message channel request (CVE-2019-3862)
- sanitize public header file (detected by rpmdiff)
- fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863) - fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855)
- session: avoid printing misleading debug messages (#1503294) - scp: send valid commands for remote execution (#1489733)
- use secrects of the appropriate length in Diffie-Hellman (CVE-2016-0787)
- check length of data extracted from the SSH_MSG_KEXINIT packet (CVE-2015-1782)
- curl consumes too much memory during scp download (#1080459) - prevent a not-connected agent from closing STDIN (#1147717)
- Mass rebuild 2014-01-24
- Mass rebuild 2013-12-27