Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#11829 closed enhancement (fixed)

libssh2-1.8.1 (9 security fixes)

Reported by: Douglas R. Reno Owned by: ken@…
Priority: highest Milestone: 9.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Hello!

I'm writing you to announce the release of nine separate security advisories concerning libssh2.

All these fixes are also included in the brand new libssh2 1.8.1 release, just shipped and available on https://www.libssh2.org/

CVE-2019-3855
 Possible integer overflow in transport read allows out-of-bounds write
 URL: https://www.libssh2.org/CVE-2019-3855.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3855.patch

CVE-2019-3856
 Possible integer overflow in keyboard interactive handling allows
 out-of-bounds write
 URL: https://www.libssh2.org/CVE-2019-3856.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch

CVE-2019-3857
 Possible integer overflow leading to zero-byte allocation and out-of-bounds
 write
 URL: https://www.libssh2.org/CVE-2019-3857.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3857.patch

CVE-2019-3858
 Possible zero-byte allocation leading to an out-of-bounds read
 URL: https://www.libssh2.org/CVE-2019-3858.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3858.patch

CVE-2019-3859
 Out-of-bounds reads with specially crafted payloads due to unchecked use of
 `_libssh2_packet_require` and `_libssh2_packet_requirev`
 URL: https://www.libssh2.org/CVE-2019-3859.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3859.patch

CVE-2019-3860
 Out-of-bounds reads with specially crafted SFTP packets
 URL: https://www.libssh2.org/CVE-2019-3860.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3860.patch

CVE-2019-3861
 Out-of-bounds reads with specially crafted SSH packets
 URL: https://www.libssh2.org/CVE-2019-3861.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3861.patch

CVE-2019-3862
 Out-of-bounds memory comparison
 URL: https://www.libssh2.org/CVE-2019-3862.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3862.patch

CVE-2019-3863
 Integer overflow in user authenicate keyboard interactive allows
 out-of-bounds writes
 URL: https://www.libssh2.org/CVE-2019-3863.html
 Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3863.txt

-- 

 / daniel.haxx.se

Change History (4)

comment:1 by ken@…, 5 years ago

Owner: changed from blfs-book to ken@…
Status: newassigned

comment:2 by ken@…, 5 years ago

One test fails even if gpg is installed:

FAIL: ssh2.sh
=============

command-line line 0: Deprecated option UsePrivilegeSeparation^M
command-line line 0: Deprecated option UsePrivilegeSeparation^M
Fingerprint: 86 AD B2 21 33 60 65 3D 9A 29 86 DE 22 99 DA 18 CC BA D3 AC 
Authentication methods: publickey,password,keyboard-interactive
        Authentication by public key failed!

comment:3 by ken@…, 5 years ago

Resolution: fixed
Status: assignedclosed

Reported upstream, if they get my mail.

Fixed at r21361.

comment:4 by Bruce Dubbs, 5 years ago

Milestone: 8.59.0

Milestone renamed

Note: See TracTickets for help on using tickets.