[ALSA-2022:2031] Low: libssh security, bug fix, and enhancement update
Type:
security
Severity:
low
Release date:
2023-03-13
Description:
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh (0.9.6). (BZ#1896651) Security Fix(es): * libssh: possible heap-based buffer overflow when rekeying (CVE-2021-3634) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 libssh-0.9.6-3.el8.aarch64.rpm 0d8b8c93884569b228c5fed39f92f02709af666ed0a3da751363135906a1f510
aarch64 libssh-devel-0.9.6-3.el8.aarch64.rpm 178e04c64f809c6b7a93c79f053351739330e90369f6cf966c8064a916a7a6c9
i686 libssh-devel-0.9.6-3.el8.i686.rpm 0b9c6ff36b0bdc945a810045349f3dc77f9239e26f2ec0f8e49e2850d9289bcd
i686 libssh-0.9.6-3.el8.i686.rpm bb9efed681931ca4c468eb39dfcd47d395a02165173b811f0a93d7f97e3eabeb
i686 libssh-0.9.6-3.el8.i686.rpm bb9efed681931ca4c468eb39dfcd47d395a02165173b811f0a93d7f97e3eabeb
noarch libssh-config-0.9.6-3.el8.noarch.rpm dba1532fbf41e1492401e5fe2d4adba7f31b6b761eec2b358ca05cd279cfbd3d
ppc64le libssh-0.9.6-3.el8.ppc64le.rpm 2e7cfceb4e76ef1aff19bf20bc7514c4b0c33988f6eafe84f23b13e724770993
ppc64le libssh-devel-0.9.6-3.el8.ppc64le.rpm f92af0effe93270cb6e4c89ef54222cc2d5be31df4c28c54da202d191042f766
x86_64 libssh-devel-0.9.6-3.el8.x86_64.rpm 12fc86640a82b789771c3cfa243217f8fe1fe5b16c69e83332d876954227514e
x86_64 libssh-0.9.6-3.el8.x86_64.rpm ff2a286f6ac2c9c903fe9788e388de801c645d1edac5b494cb904bca57aeddc6
x86_64 libssh-0.9.6-3.el8.x86_64.rpm ff2a286f6ac2c9c903fe9788e388de801c645d1edac5b494cb904bca57aeddc6
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.