AlmaLinux 2324 Published by

A libssh security update has been released for AlmaLinux 8.



ALSA-2023:3839 Moderate: libssh security update


Type:
security

Severity:
moderate

Release date:
2023-06-30

Description
Security Fix(es):
* libssh: NULL pointer dereference during rekeying with algorithm guessing (CVE-2023-1667)
* libssh: authorization bypass in pki_verify_data_signature (CVE-2023-2283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2023-1667
CVE-2023-2283
RHSA-2023:3839
ALSA-2023:3839

Updates packages:
libssh-devel-0.9.6-10.el8_8.s390x.rpm
libssh-config-0.9.6-10.el8_8.noarch.rpm
libssh-devel-0.9.6-10.el8_8.aarch64.rpm
libssh-0.9.6-10.el8_8.i686.rpm
libssh-0.9.6-10.el8_8.ppc64le.rpm
libssh-devel-0.9.6-10.el8_8.i686.rpm
libssh-devel-0.9.6-10.el8_8.x86_64.rpm
libssh-devel-0.9.6-10.el8_8.ppc64le.rpm
libssh-0.9.6-10.el8_8.s390x.rpm
libssh-0.9.6-10.el8_8.x86_64.rpm
libssh-0.9.6-10.el8_8.aarch64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2023:3839 Moderate: libssh security update