-
Fri Jun 14 2019 Qing Lin <qing.lin@oracle.com> 1.4.3-12.0.1.el7_6.2
- [Orabug: 29909723] Added patch CVE-2019-3862
added length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add()(CVE-2019-3862)
-
Wed Mar 20 2019 Kamil Dudka <kdudka@redhat.com> 1.4.3-12.el7_6.2
- sanitize public header file (detected by rpmdiff)
-
Tue Mar 19 2019 Kamil Dudka <kdudka@redhat.com> 1.4.3-12.el7_6.1
- fix integer overflow in keyboard interactive handling that allows out-of-bounds writes (CVE-2019-3863)
- fix integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857)
- fix integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856)
- fix integer overflow in transport read resulting in out of bounds write (CVE-2019-3855)
-
Tue Sep 26 2017 Kamil Dudka <kdudka@redhat.com> 1.4.3-12
- session: avoid printing misleading debug messages (#1503294)
- scp: send valid commands for remote execution (#1489733)
-
Fri Feb 19 2016 Kamil Dudka <kdudka@redhat.com> 1.4.3-11
- use secrects of the appropriate length in Diffie-Hellman (CVE-2016-0787)
-
Mon Jun 01 2015 Kamil Dudka <kdudka@redhat.com> 1.4.3-10
- check length of data extracted from the SSH_MSG_KEXINIT packet (CVE-2015-1782)
-
Tue May 05 2015 Kamil Dudka <kdudka@redhat.com> 1.4.3-9
- curl consumes too much memory during scp download (#1080459)
- prevent a not-connected agent from closing STDIN (#1147717)
-
Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 1.4.3-8
- Mass rebuild 2014-01-24
-
Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.4.3-7
- Mass rebuild 2013-12-27
-
Wed Aug 14 2013 Kamil Dudka <kdudka@redhat.com> 1.4.3-6
- fix very slow sftp upload to localhost
- fix a use after free in channel.c