Information on source package libssh2

Available versions

ReleaseVersion
buster1.8.0-2.1
bullseye1.9.0-2
bookworm1.10.0-3
sid1.10.0-3

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2019-17498vulnerable (no DSA)fixedfixedfixedIn libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic i ...
CVE-2019-13115vulnerable (no DSA)fixedfixedfixedIn libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha2 ...

Resolved issues

BugDescription
CVE-2019-3863A flaw was found in libssh2 before 1.8.1. A server could send a multip ...
CVE-2019-3862An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...
CVE-2019-3861An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...
CVE-2019-3860An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...
CVE-2019-3859An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...
CVE-2019-3858An out of bounds read flaw was discovered in libssh2 before 1.8.1 when ...
CVE-2019-3857An integer overflow flaw which could lead to an out of bounds write wa ...
CVE-2019-3856An integer overflow flaw, which could lead to an out of bounds write, ...
CVE-2019-3855An integer overflow flaw which could lead to an out of bounds write wa ...
CVE-2016-0787The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 im ...
CVE-2015-1782The kex_agree_methods function in libssh2 before 1.5.0 allows remote s ...

Security announcements

DSA / DLADescription
DLA-2848-1libssh2 - security update
DLA-1991-1libssh2 - security update
DLA-1730-4libssh2 - regression update
DLA-1730-3libssh2 - regression update
DSA-4431-1libssh2 - security update
DLA-1730-2libssh2 - regression update
DLA-1730-1libssh2 - security update
DSA-3487-1libssh2 - security update
DLA-426-1libssh2 - security update
DLA-171-1libssh2 - security update
DSA-3182-1libssh2 - security update
Search for package or bug name: Reporting problems