Description:
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.
Security Fix(es):
* libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (CVE-2023-6004)
* libssh: Missing checks for return values for digests (CVE-2023-6918)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libssh-0.9.6-14.el8.aarch64.rpm |
d26dd2ed1bad8dc525e13c08c624e103b7d4d0694479b4c273ffea32ec7e2105 |
| aarch64 |
libssh-devel-0.9.6-14.el8.aarch64.rpm |
ed03cd0ffc597355697fd583019d772752692dda6efd2dfaa49888bebb9ac079 |
| i686 |
libssh-0.9.6-14.el8.i686.rpm |
2f489c852a21d9960b371939f4bcd0a6441f64da175229dd7b659ddf824187d8 |
| i686 |
libssh-devel-0.9.6-14.el8.i686.rpm |
9fc6b1145b34914f08660e634bb1d64d00d9da2b54868085a465d0d2e667c520 |
| noarch |
libssh-config-0.9.6-14.el8.noarch.rpm |
8e44f49609aa6e15bc598ca54ba81da66d21d3fc07606ac7bdc0b743d2475b0f |
| ppc64le |
libssh-0.9.6-14.el8.ppc64le.rpm |
370a17f8a0576cd4c15703289842857b2cc05c4c4b3fb0f157092b0b5d6d979e |
| ppc64le |
libssh-devel-0.9.6-14.el8.ppc64le.rpm |
b3c9c2ec6cc65be8fd3106cae26fec8f39f1cacf043ce440841a9eac974e296c |
| s390x |
libssh-devel-0.9.6-14.el8.s390x.rpm |
79ec804d6b502017c023cfdb560f09ba2a1ed4c0a426cd73d853c7fba33d6f33 |
| s390x |
libssh-0.9.6-14.el8.s390x.rpm |
81bc45672e7c6f868817cd4faf3143b2e3c344d0487a558611c3818bc0a1545f |
| x86_64 |
libssh-devel-0.9.6-14.el8.x86_64.rpm |
093f88abe8f8bb1cfb2fd2a0f7c09909ca708c864dafe5f3efd1300090041637 |
| x86_64 |
libssh-0.9.6-14.el8.x86_64.rpm |
737d4c9bbaf921010e931acf34e70a2a8db781ee73bcde467f144084198fd273 |
