Description:
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.
Security Fix(es):
* libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname (CVE-2023-6004)
* libssh: Missing checks for return values for digests (CVE-2023-6918)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libssh-0.10.4-13.el9.aarch64.rpm |
b71b69337cc02300300990ed3a3ad08b9f290881f025bd9ed825ca680c2378be |
| aarch64 |
libssh-devel-0.10.4-13.el9.aarch64.rpm |
ef77faf82e1bad273bc9f6e5bbb2a8f9ccecc069cb9a810182651ef2e48a6cf7 |
| i686 |
libssh-devel-0.10.4-13.el9.i686.rpm |
7b1fc7a9ca54dc30cbbacf27777fa983ce1797a4442464285f3d8b828d028cf4 |
| i686 |
libssh-0.10.4-13.el9.i686.rpm |
d698c93cd633813e5d8aa7c519780e36104603ef30f723695eb4779eb7872f2f |
| noarch |
libssh-config-0.10.4-13.el9.noarch.rpm |
85ecc8ec9402526a3679378df72e4bca55583c0b6f819f5f3bc34f3f3f338430 |
| ppc64le |
libssh-0.10.4-13.el9.ppc64le.rpm |
670ae4d654e6611345fc6475d4d6682c5b556be0f8e2599fb923d0af2786d0a8 |
| ppc64le |
libssh-devel-0.10.4-13.el9.ppc64le.rpm |
f093228143892782d01465e5484bec39177958f7bd65d9bfa7a1bbfc11422eca |
| s390x |
libssh-devel-0.10.4-13.el9.s390x.rpm |
0ee9aa4b6b5765f1135935919ddcb73d02ed6a622eb8fe57cb0ceb63fee90423 |
| s390x |
libssh-0.10.4-13.el9.s390x.rpm |
940c7715e5c55f604ffd9f74b832dc9d4d6d6b381534420bbd869f1b0d1d63d4 |
| x86_64 |
libssh-0.10.4-13.el9.x86_64.rpm |
3fde58b1c5fd34aa3e3c4f56a22a4e3149d2fa83dcf9f1db1c87cb455ab62fde |
| x86_64 |
libssh-devel-0.10.4-13.el9.x86_64.rpm |
b385e7afcc9a2ab3d8f8aa70b0c28e66b59bf3de64656464bd0143a5c6057bd8 |
