aboutsummaryrefslogtreecommitdiff
tag namelibssh-0.9.3 (fae9b7a5eb375b1d2d37d9b939608900683c750b)
tag date2019-12-10 16:05:09 +0100
tagged byAndreas Schneider <asn@cryptomilk.org>
tagged objectcommit 64ce53fdba...
downloadlibssh-0.9.3.tar.gz
libssh-0.9.3.tar.xz
libssh-0.9.3.zip
libssh-0.9.3
* Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state * SSH-01-006 General: Various unchecked Null-derefs cause DOS * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys * SSH-01-010 SSH: Deprecated hash function in fingerprinting * SSH-01-013 Conf-Parsing: Recursive wildcards in hostnames lead to DOS * SSH-01-014 Conf-Parsing: Integer underflow leads to OOB array access * SSH-01-001 State Machine: Initial machine states should be set explicitly * SSH-01-002 Kex: Differently bound macros used to iterate same array * SSH-01-005 Code-Quality: Integer sign confusion during assignments * SSH-01-008 SCP: Protocol Injection via unescaped File Names * SSH-01-009 SSH: Update documentation which RFCs are implemented * SSH-01-012 PKI: Information leak via uninitialized stack buffer -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEjf9T4Y8qvI2PPJIjfuD8TcwBTj0FAl3vtDcACgkQfuD8TcwB Tj3p5BAAinlJsSk0DPGclZCobi5sB2jkbIebXNMfP8A/otnly63SfBwrsy9WoKTP GnCAQ4ihU8/8Z9g7HHMhT4f58SZ+MIh49twlWQn3PNXIt2n3rQu5rPt/313r/YUs 0LQ9yMPtYqvYs7azIMq+1eUzfJLkRuET7rzTPmolmIjQ/cfjKCID406BPOMYWf3G JcwBG2/uVifyLAJsA4Vc/t762Q37x+Ugy7MmscxCNNNPaJqH3KSWOUkaBxuehx9l ywBws3OoGTGLTgci2FM4KY1H3dAplesxYGW0V4769JwaCJ4AIzyairq5J8rLFION zfSZh6zYao8UCcW0rEXFILdt3KWI4DHibsv2LGrQX2M1PjT9VUiEQhq+P1gPrg57 /oYLmzOYR0pQagFHsOKtpkUbV2MBwogeLOh1EHawDQ2fa9uYax4kfjgdx3H0Xjpu GFMfInP57qjZsICLU9smLslB1aNBUyk4ihXurGdgmmnHzi4Qc0WdqH/FzxE6MHvI 783ePRHg3emHZwR5Oq4RMQh389Z9V8AEQnyEn9PO+cEr1nMmM6gl1WhwdM7+v9DA H8Z6LWyPASL+F2lVckGaCCEVMLplT7KVibjyj04Tf7PzYhU1XhXH7/PfmiPHoITu qM+3hqqVZKiQUo+SY+CGp+1D/Pg+IEudNah4W7dz5MysUx/QDyw= =E/tJ -----END PGP SIGNATURE-----