Linux Security
    Linux Security
    Linux Security

    Fedora 32: libssh 2020-f4f5e49cb8

    Date
    84
    Posted By
    Update to version 0.9.5 * https://www.libssh.org/2020/09/10/libssh-0-9-5/ * Fixes CVE-2020-16135
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2020-f4f5e49cb8
    2020-09-15 16:15:46.340188
    --------------------------------------------------------------------------------
    
    Name        : libssh
    Product     : Fedora 32
    Version     : 0.9.5
    Release     : 1.fc32
    URL         : https://www.libssh.org
    Summary     : A library implementing the SSH protocol
    Description :
    The ssh library was designed to be used by programmers needing a working SSH
    implementation by the mean of a library. The complete control of the client is
    made by the programmer. With libssh, you can remotely execute programs, transfer
    files, use a secure and transparent tunnel for your remote programs. With its
    Secure FTP implementation, you can play with remote files easily, without
    third-party programs others than libcrypto (from openssl).
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Update to version 0.9.5  * https://www.libssh.org/2020/09/10/libssh-0-9-5/ *
    Fixes CVE-2020-16135
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Thu Sep 10 2020 Anderson Sasaki  - 0.9.5-1
    - Update to version 0.9.5
      https://www.libssh.org/2020/09/10/libssh-0-9-5/
    - Removed patch to re-enable algorithms using sha1 in sshd for testing
    - The algorithms supported by sshd are now automatically detected for testing
    - Resolves: #1862457 - CVE-2020-16135
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1862457 - CVE-2020-16135 libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1862457
      [ 2 ] Bug #1877797 - libssh-0.9.5 is available
            https://bugzilla.redhat.com/show_bug.cgi?id=1877797
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2020-f4f5e49cb8' at the command
    line. For more information, refer to the dnf documentation available at
    https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    Advisories

    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/37-how-are-you-contributing-to-open-source?task=poll.vote&format=json
    37
    radio
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.