RHSA-2023:3839: Red Hat Security Advisory: libssh security update
An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-1667: A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.
- CVE-2023-2283: A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the pki_verify_data_signature function when memory allocation problems occur. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value rc, which is initialized to SSH_ERROR and later rewritten to save the return value of the function call pki_key_check_hash_compatible. The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls goto error returning SSH_OK.
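The return-value pattern described for CVE-2023-2283, reduced to a self-contained model (an added example, not libssh source and not the upstream patch). Apart from SSH_OK and SSH_ERROR, every name is hypothetical; the allocator hook and the byte comparison standing in for the cryptographic check are constructed for the demonstration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define SSH_OK     0
#define SSH_ERROR -1

/* Constructed test hook: when non-zero, the next model_alloc() fails,
 * standing in for "insufficient memory or limited memory usage". */
static int fail_next_alloc = 0;

static void *model_alloc(size_t n)
{
    if (fail_next_alloc) {
        fail_next_alloc = 0;
        return NULL;
    }
    return malloc(n);
}

/* Stand-in for the key/hash compatibility check: always compatible here. */
static int check_hash_compatible(void) { return SSH_OK; }

/* Stand-in for the cryptographic verification: a byte comparison,
 * NOT real cryptography. */
static int crypto_verify(const unsigned char *sig,
                         const unsigned char *expected, size_t len)
{
    return memcmp(sig, expected, len) == 0 ? SSH_OK : SSH_ERROR;
}

/* Vulnerable shape: rc is overwritten with SSH_OK by the compatibility
 * check and is not reset before the steps that can still fail. */
int verify_vulnerable(const unsigned char *sig,
                      const unsigned char *expected, size_t len)
{
    int rc = SSH_ERROR;
    unsigned char *work = NULL;

    rc = check_hash_compatible();
    if (rc != SSH_OK) {
        goto error;
    }
    work = model_alloc(len);
    if (work == NULL) {
        goto error;              /* rc == SSH_OK: failure reported as success */
    }
    memcpy(work, sig, len);
    rc = crypto_verify(work, expected, len);

error:
    free(work);
    return rc;
}

/* Hardened shape: rc stays SSH_ERROR until verification has succeeded,
 * so every early exit fails closed. */
int verify_hardened(const unsigned char *sig,
                    const unsigned char *expected, size_t len)
{
    int rc = SSH_ERROR;
    unsigned char *work = NULL;

    if (check_hash_compatible() != SSH_OK) {
        goto error;
    }
    work = model_alloc(len);
    if (work == NULL) {
        goto error;              /* rc is still SSH_ERROR */
    }
    memcpy(work, sig, len);
    if (crypto_verify(work, expected, len) != SSH_OK) {
        goto error;
    }
    rc = SSH_OK;                 /* only reachable after a successful verify */

error:
    free(work);
    return rc;
}

typedef int (*verify_fn)(const unsigned char *, const unsigned char *, size_t);

/* Runs one verifier on a constructed 4-byte "signature"; tamper flips a
 * byte, fail_alloc forces the intermediate allocation to fail. */
int run_case(verify_fn fn, int tamper, int fail_alloc)
{
    static const unsigned char expected[4] = { 0xde, 0xad, 0xbe, 0xef };
    unsigned char sig[4];
    int rc;

    memcpy(sig, expected, sizeof(sig));
    if (tamper) {
        sig[0] ^= 0xff;
    }
    fail_next_alloc = fail_alloc;
    rc = fn(sig, expected, sizeof(sig));
    fail_next_alloc = 0;
    return rc;
}

int main(void)
{
    printf("vulnerable, bad sig, alloc fails: %d\n", run_case(verify_vulnerable, 1, 1));
    printf("hardened,   bad sig, alloc fails: %d\n", run_case(verify_hardened, 1, 1));
    return 0;
}
```

The same fail-closed rule is worth checking in code review for any verification routine that shares one status variable across several steps and a common cleanup label.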
Synopsis
Moderate: libssh security update
Type / Severity
Security Advisory: Moderate
Description
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.
Security Fix(es):
- libssh: NULL pointer dereference during rekeying with algorithm guessing (CVE-2023-1667)
- libssh: authorization bypass in pki_verify_data_signature (CVE-2023-2283)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing these updated packages, all running applications using libssh must be restarted for this update to take effect.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
- Red Hat Enterprise Linux Server - TUS 8.8 x86_64
- Red Hat Enterprise Linux for ARM 64 8 aarch64
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64
Fixes
- BZ - 2182199 - CVE-2023-1667 libssh: NULL pointer dereference during rekeying with algorithm guessing
- BZ - 2189736 - CVE-2023-2283 libssh: authorization bypass in pki_verify_data_signature
Red Hat Enterprise Linux for x86_64 8
SRPM
libssh-0.9.6-10.el8_8.src.rpm
Related news
Gentoo Linux Security Advisory 202312-5 - Multiple vulnerabilities have been discovered in libssh, the worst of which could lead to remote code execution. Versions greater than or equal to 0.10.5 are affected.
Red Hat Security Advisory 2023-5314-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.
Red Hat OpenShift Service Mesh 2.2.10 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-35941: A flaw was found in Envoy, where a malicious client can construct credentials with permanent validity in a specific scenario. This issue is caused by some rare scenarios, such as the combination of host and expiration time, in which the HMAC payload can always be valid in the OAuth2 filter's HMAC check. * CVE-2023-35944: A flaw was found in Envoy that allows for mixed-case sche...
Red Hat Security Advisory 2023-4972-01 - Multicluster Engine for Kubernetes 2.1.8 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-4893-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Red Hat Advanced Cluster Management for Kubernetes 2.8.1 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3027: The grc-policy-propagator allows security escalation within the cluster. The propagator allows policies which contain some dynamically obtained values (instead of the policy apply a static manifest on a managed cluster) of taking advantage of cluster scoped access in a created polic...
This is the multiarch release of the AMQ Broker 7.11.1 aligned Operator and associated container images on Red Hat Enterprise Linux 8 for the OpenShift Container Platform. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-4065: No description is available for this CVE. * CVE-2023-4066: No description is available for this CVE.
Red Hat Security Advisory 2023-4694-01 - Red Hat OpenStack Platform (RHOSP) 16.2.z (Train) director Operator containers are now available. Issues addressed include a code execution vulnerability.
Multicluster Engine for Kubernetes 2.2.7 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. * CVE-2023-37903: A flaw was found in the vm2 custom inspect function, which allows attackers to escape t...
Red Hat Security Advisory 2023-4575-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters.
The components for Red Hat OpenShift support for Windows Containers 6.0.1 are now available. This product release includes bug fixes and security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject...
Red Hat Security Advisory 2023-4472-01 - Version 1.29.1 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.10, 4.11, 4.12, and 4.13. This release includes security and bug fixes, and enhancements.
Gatekeeper Operator v0.2 security fixes and enhancements Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Advisory 2023-4289-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Red Hat Security Advisory 2023-4290-01 - OpenShift sandboxed containers 1.4.1 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Advisory 2023-4293-01 - The Migration Toolkit for Containers (MTC) 1.7.11 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate.
Red Hat Security Advisory 2023-4286-01 - Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
Red Hat Security Advisory 2023-4287-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
The Migration Toolkit for Containers (MTC) 1.7.11 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-24539: A flaw was found in golang where angle brackets (<>) were not considered dangerous characters when inserted into CSS contexts. Tem...
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.5 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Advisory 2023-4276-01 - An update is now available for Red Hat DevWorkspace Operator. Red Hat Product Security has rated this update as having a security impact of Moderate.
An update is now available for Red Hat DevWorkspace Operator. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Advisory 2023-4241-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.10.14 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.9 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat Security Advisory 2023-4204-01 - VolSync is a Kubernetes operator that enables asynchronous replication of persistent volumes within a cluster, or across clusters. After deploying the VolSync operator, it can create and maintain copies of your persistent data.
VolSync v0.7.3 enhancements and security fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat OpenShift Service Mesh 2.2.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modu...
Red Hat OpenShift Service Mesh 2.4.1 Containers. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Red Hat OpenShift Service Mesh 2.3.5 Containers. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-41723: A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests. * CVE-2023-3089: A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptog...
An update is now available for Red Hat OpenShift Logging Subsystem 5.7.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2023-26115: A flaw was found in the Node.js word-wrap module, where it is vulnerable to a denial of service caused by a Regular expression denial of service (ReDoS) issue in the result variable. By sending a specially crafted regex input, a remote attacker can cause a denial of service. * CVE-2023-26136: A flaw was found in the tough-cookie package. Affec...
Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes new features and bug fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-27191: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability. * CVE...
Ubuntu Security Notice 6138-1 - Philip Turnbull discovered that libssh incorrectly handled rekeying with algorithm guessing. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. Kevin Backhouse discovered that libssh incorrectly handled verifying data signatures. A remote attacker could possibly use this issue to bypass authorization.
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the `pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc`, which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible`. The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.
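The stale return code described above, reduced to a minimal model next to one way of hardening it. This is an added example, not libssh source and not the upstream patch; every function name and the `simulate_oom` switch are hypothetical stand-ins.

```c
#include <stdio.h>
#include <stdlib.h>

#define SSH_OK     0
#define SSH_ERROR -1

/* Hypothetical stand-ins for the library internals (assumptions). */
static int simulate_oom = 0;  /* constructed switch: force allocation failure */
static int hash_compatible(void) { return SSH_OK; }
static void *alloc_ctx(void) { return simulate_oom ? NULL : malloc(32); }
static int crypto_verify(int sig_valid) { return sig_valid ? SSH_OK : SSH_ERROR; }

/* Flawed pattern: rc is reused for a pre-check and left at SSH_OK. */
int verify_flawed(int sig_valid)
{
    int rc = SSH_ERROR;
    void *ctx = NULL;

    rc = hash_compatible();            /* rc is now SSH_OK */
    if (rc != SSH_OK) goto error;
    ctx = alloc_ctx();
    if (ctx == NULL) goto error;       /* bails out with rc == SSH_OK */
    rc = crypto_verify(sig_valid);
error:
    free(ctx);
    return rc;
}

/* Hardened pattern: rc only becomes SSH_OK from the verification itself. */
int verify_hardened(int sig_valid)
{
    int rc = SSH_ERROR;
    void *ctx = NULL;

    if (hash_compatible() != SSH_OK) goto error;  /* rc untouched */
    ctx = alloc_ctx();
    if (ctx == NULL) goto error;       /* rc is still SSH_ERROR */
    rc = crypto_verify(sig_valid);
error:
    free(ctx);
    return rc;
}

int main(void)
{
    simulate_oom = 1;                  /* invalid signature + failed allocation */
    printf("flawed=%d hardened=%d\n", verify_flawed(0), verify_hardened(0));
    return 0;
}
```

When reviewing similar verification routines, check that every `goto error` path between the last assignment to the result variable and the actual cryptographic check leaves that variable in its failure state.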
A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service.
Debian Linux Security Advisory 5409-1 - Two security issues have been discovered in libssh, a tiny C SSH library.