libssh2-1.4.2-2.AXS4.1
エラータID: AXSA:2016-135:01
Release date:
Friday, March 11, 2016 - 11:59
Subject:
libssh2-1.4.2-2.AXS4.1
Affected Channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
libssh2 is a library implementing the SSH2 protocol as defined by
Internet Drafts: SECSH-TRANS(22), SECSH-USERAUTH(25),
SECSH-CONNECTION(23), SECSH-ARCH(20), SECSH-FILEXFER(06)*,
SECSH-DHGEX(04), and SECSH-NUMBERS(10).
Security issues fixed with this release:
CVE-2016-0787
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
Solution:
Update packages.
CVEs:
CVE-2016-0787
The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
Additional Info:
N/A
Download:
SRPMS
- libssh2-1.4.2-2.AXS4.1.src.rpm
MD5: df00dbe16b34b3a21d6dd04fd739e3b7
SHA-256: 3e535ef624808fdd55656c4d63771763b981a4c78b6dada57b5c2d3d30ccee0b
Size: 677.04 kB
Asianux Server 4 for x86
- libssh2-1.4.2-2.AXS4.1.i686.rpm
MD5: a04d147fc1fef5464429c6ff344a3cf8
SHA-256: a13c42d5f82bf222dd1dd5cf57f86789d3277d2bd278de86fcd50ffea8ff1df1
Size: 123.68 kB
Asianux Server 4 for x86_64
- libssh2-1.4.2-2.AXS4.1.x86_64.rpm
MD5: e1588bd3fc450107480f508b952bb617
SHA-256: 16fcd41367a63c1278b622492eb756f2fe563590c5906956150971b793dd56e7
Size: 121.91 kB - libssh2-1.4.2-2.AXS4.1.i686.rpm
MD5: a04d147fc1fef5464429c6ff344a3cf8
SHA-256: a13c42d5f82bf222dd1dd5cf57f86789d3277d2bd278de86fcd50ffea8ff1df1
Size: 123.68 kB