A libssh security update has been released for AlmaLinux 8.
ALSA-2023:3839 Moderate: libssh security update
Type:
security
Severity:
moderate
Release date:
2023-06-30
Description
Security Fix(es):
* libssh: NULL pointer dereference during rekeying with algorithm guessing (CVE-2023-1667)
* libssh: authorization bypass in pki_verify_data_signature (CVE-2023-2283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
CVE-2023-1667
CVE-2023-2283
RHSA-2023:3839
ALSA-2023:3839
Updates packages:
libssh-devel-0.9.6-10.el8_8.s390x.rpm
libssh-config-0.9.6-10.el8_8.noarch.rpm
libssh-devel-0.9.6-10.el8_8.aarch64.rpm
libssh-0.9.6-10.el8_8.i686.rpm
libssh-0.9.6-10.el8_8.ppc64le.rpm
libssh-devel-0.9.6-10.el8_8.i686.rpm
libssh-devel-0.9.6-10.el8_8.x86_64.rpm
libssh-devel-0.9.6-10.el8_8.ppc64le.rpm
libssh-0.9.6-10.el8_8.s390x.rpm
libssh-0.9.6-10.el8_8.x86_64.rpm
libssh-0.9.6-10.el8_8.aarch64.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.
