
List:       oss-security
Subject:    [oss-security] libssh 0.5.3 release fixes multiple security issues
From:       Vincent Danen <vdanen () redhat ! com>
Date:       2012-11-20 16:14:38
Message-ID: 20121120161438.GY4959 () redhat ! com

As reported to distros@ on 20121114:

A number of flaws were found in libssh prior to 0.5.3 by Xi Wang and Florian
Weimer of the Red Hat Product Security Team:

CVE-2012-4559: multiple double free() flaws
CVE-2012-4560: multiple buffer overflow flaws
CVE-2012-4561: multiple invalid free() flaws
CVE-2012-4562: multiple improper overflow checks

http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4559
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4560
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4561
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-4562

Patches for the flaws are attached to the bugs in our bugzilla.

-- 
Vincent Danen / Red Hat Security Response Team