Univention Bugzilla – Bug 48012
libssh: Multiple issues (4.3)
Last modified: 2018-10-18 14:34:28 CEST
New Debian libssh 0.7.3-2+deb9u1 fixes: This update addresses the following issue: * Authentication Bypass due to improper message callbacks implementation (CVE-2018-10933)
--- mirror/ftp/4.3/unmaintained/4.3-0/source/libssh_0.7.3-2.dsc +++ apt/ucs_4.3-0-errata4.3-2/source/libssh_0.7.3-2+deb9u1.dsc @@ -1,3 +1,8 @@ +0.7.3-2+deb9u1 [Tue, 16 Oct 2018 21:18:05 +0200] Salvatore Bonaccorso <carnil@debian.org>: + + * Non-maintainer upload by the Security Team. + * Authentication bypass vulnerability (CVE-2018-10933) (Closes: #911149) + 0.7.3-2 [Tue, 29 Nov 2016 15:58:36 +0100] Laurent Bigonville <bigon@debian.org>: * debian/control: Explicitly build against openssl1.0 for now as libssh <http://10.200.17.11/4.3-2/#1710511932245691722>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.3-2] 7cfa749c3e Bug #48012: libssh 0.7.3-2+deb9u1 doc/errata/staging/libssh.yaml | 13 +++++++++++++ 1 file changed, 13 insertions(+)
<http://errata.software-univention.de/ucs/4.3/282.html>