Synopsis: Important: libssh2 security update
Advisory ID: SLSA-2019:1652-1
Issue Date: 2019-07-02
CVE Numbers: CVE-2019-3855
CVE-2019-3856
CVE-2019-3857
CVE-2019-3863
—
Security Fix(es):
* libssh2: Integer overflow in transport read resulting in out of bounds
write (CVE-2019-3855)
* libssh2: Integer overflow in keyboard interactive handling resulting in
out of bounds write (CVE-2019-3856)
* libssh2: Integer overflow in SSH packet processing channel resulting in
out of bounds write (CVE-2019-3857)
* libssh2: Integer overflow in user authenticate keyboard interactive
allows out-of-bounds writes (CVE-2019-3863)
—
SL6
x86_64
libssh2-1.4.2-3.el6_10.1.i686.rpm
libssh2-1.4.2-3.el6_10.1.x86_64.rpm
libssh2-debuginfo-1.4.2-3.el6_10.1.i686.rpm
libssh2-debuginfo-1.4.2-3.el6_10.1.x86_64.rpm
libssh2-devel-1.4.2-3.el6_10.1.i686.rpm
libssh2-devel-1.4.2-3.el6_10.1.x86_64.rpm
libssh2-docs-1.4.2-3.el6_10.1.x86_64.rpm
i386
libssh2-1.4.2-3.el6_10.1.i686.rpm
libssh2-debuginfo-1.4.2-3.el6_10.1.i686.rpm
libssh2-devel-1.4.2-3.el6_10.1.i686.rpm
libssh2-docs-1.4.2-3.el6_10.1.i686.rpm
– Scientific Linux Development Team
