Information on source package libssh

Available versions

ReleaseVersion
jessie0.6.3-4+deb8u2
jessie (security)0.6.3-4+deb8u3
stretch (security)0.7.3-2+deb9u1
buster0.8.5-1
sid0.8.5-1

Resolved issues

BugDescription
CVE-2018-10933A vulnerability was found in libssh's server-side state machine before ...
CVE-2016-0739libssh before 0.7.3 improperly truncates ephemeral secrets generated ...
CVE-2015-3146The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in ...
CVE-2014-8132Double free vulnerability in the ssh_packet_kexinit function in kex.c ...
CVE-2014-0017The RAND_bytes function in libssh before 0.6.3, when forking is ...
CVE-2013-0176The publickey_from_privatekey function in libssh before 0.5.4, when no ...
CVE-2012-6063Double free vulnerability in the sftp_mkdir function in sftp.c in ...
CVE-2012-4562Multiple integer overflows in libssh before 0.5.3 allow remote ...
CVE-2012-4561The (1) publickey_make_dss, (2) publickey_make_rsa, (3) ...
CVE-2012-4560Multiple buffer overflows in libssh before 0.5.3 allow remote ...
CVE-2012-4559Multiple double free vulnerabilities in the (1) agent_sign_data ...

Security announcements

DSA / DLADescription
DLA-1548-1libssh - security update
DSA-4322-1libssh - security update
DSA-3488-1libssh - security update
DSA-3488-1libssh - security update
DLA-425-1libssh - security update
DSA-2879-1libssh - security update
DSA-2879-1libssh - security update
DSA-2577-1libssh - several

Search for package or bug name: Reporting problems