Login
Newsletter
Werbung

Sicherheit: Denial of Service in libssh
Aktuelle Meldungen Distributionen
Name: Denial of Service in libssh
ID: USN-4447-1
Distribution: Ubuntu
Plattformen: Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS
Datum: Di, 4. August 2020, 23:31
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16135
Applikationen: libssh

Originalnachricht


--===============2449977938730238571==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="AhhlLboLdkugWU4S"
Content-Disposition: inline


--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4447-1
August 04, 2020

libssh vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS

Summary:

libssh could be made to crash if it received a specially crafted request.

Software Description:
- libssh: None

Details:

It was discovered that libssh incorrectly handled certain requests.
An attacker could possibly use this issue to cause a denial of service.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
libssh-4 0.9.3-2ubuntu2.1

Ubuntu 18.04 LTS:
libssh-4 0.8.0~20170825.94fa1e38-1ubuntu0.7

Ubuntu 16.04 LTS:
libssh-4 0.6.3-4.3ubuntu0.6

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4447-1
CVE-2020-16135

Package Information:
https://launchpad.net/ubuntu/+source/libssh/0.9.3-2ubuntu2.1
https://launchpad.net/ubuntu/+source/libssh/0.8.0~20170825.94fa1e38-1ubuntu0.7
https://launchpad.net/ubuntu/+source/libssh/0.6.3-4.3ubuntu0.6

--AhhlLboLdkugWU4S
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEf+ebRFcoyOoAQoOeRbznW4QLH2kFAl8piw4ACgkQRbznW4QL
H2nStRAAm2c7+3ogNldUCdIsuMJUBsttY+u5iwBYRObFoeU8LvWro3mLSiIorT+S
6ZsHkYsCDPjY/6oxcA5j9WaskndyhkGKM4kGoJ5oKID3+ogBH6rgkWYMnVUe3eSq
ezLByWFXpdegZGbcweGimAtsu8GEpyFVm2nNRWs4kRKO0CSey+zIcKphMG/2KzIf
v2ybqIpUaHxW3K4dqfpf3ov524a834iupDtmpWIV8kK4mlpqPdnZlhwlUcXNL753
XZwVKQKZuvBwYtR90nJxwiMluVD4b5FU+vRT29uHVuvSbw9XTChcGDTeZ23TK6Kc
3u9zofMuOxxRAJJftewnSOSTxkUnbuDxebQs+uGkGDXU7wm1T/63lcLKfDIrKt0d
ssMVXymUyHWUCZutnMtK/9ZBg6hu+2QhoAYUB0YJDoRThW3LbBcxRnpZ4rB2/RIN
TkrUWWDXS+HfzpBNhrEzkZtkVyb96d4nB/CyYEpBHGqhtBNCGmbZgtiAlTNnWmox
lHgrCe/wbL6VlfwrojaVHMcPxhsNxfAl/Zepn8knZsYNHFYG56frId1Z73G53iMQ
A8T7sErCuSe1vuJdNYKt9+3pfZcQxaTXoUzhGbS3NIKVqRxQlmHFuvh3jMU2E9lW
FKymaMJOJfXQeknED1Cg5wwd5qolIdGqujRIoV1SuXlhN3YATWw=
=a0tm
-----END PGP SIGNATURE-----

--AhhlLboLdkugWU4S--


--===============2449977938730238571==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung