[ALSA-2025:18286] Moderate: libssh security update
Type:
security
Severity:
moderate
Release date:
2025-10-20
Description:
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fix(es): * libssh: out-of-bounds read in sftp_handle() (CVE-2025-5318) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libssh-devel-0.9.6-15.el8_10.aarch64.rpm 53c8e272420d73ca60fb189189e7ff569ea63c81b15037a217c44efc19005e1c
aarch64 libssh-0.9.6-15.el8_10.aarch64.rpm 6abb51742aeef00e0adeecadad856ec6b70fae2568f5bea992cae355611cff90
i686 libssh-0.9.6-15.el8_10.i686.rpm 74349763a6c79390b2ba861ffe28c90919bf18751356f231e0b5b2ca102a7f4e
i686 libssh-devel-0.9.6-15.el8_10.i686.rpm a036916d9d471c6bf61c3e7085d512bec638f67b6c9ccbbe4247698cc2474c78
noarch libssh-config-0.9.6-15.el8_10.noarch.rpm 4fcaa452ee194c9e85ca445ff3e72750416603ec6e14eb5c7cfd3f251eeaab97
ppc64le libssh-0.9.6-15.el8_10.ppc64le.rpm 3088ceb801eb487d483071e22f4f4534d64111ef5b1d9278255d72418e022d99
ppc64le libssh-devel-0.9.6-15.el8_10.ppc64le.rpm 9ee4da0d42db22f08dafad46336dfd690d12ee64ed13be5d3a0c3461614ca9fd
s390x libssh-0.9.6-15.el8_10.s390x.rpm a177fe1b69516a78ad7ceb33a075b9436a559544fd592537542c9c8abcd98337
s390x libssh-devel-0.9.6-15.el8_10.s390x.rpm b325e90ebd8ead58c5d8f7ae1f93b547e963e4785b058c0e9e43d3e838bbaaf4
x86_64 libssh-devel-0.9.6-15.el8_10.x86_64.rpm 6ed2ab3d2e34c30deb1f48f58847f513743c78e4c639ee22a94f9560fe115dbe
x86_64 libssh-0.9.6-15.el8_10.x86_64.rpm c85e72c4b70dc088013a41dedfc9714d5a58e7c9a7abff50cc60ed3acd174bfb
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.