Nom du paquet
libssh
Date
2012-11-29
Advisory ID
MDVSA-2012:175
Affected versions
2011 i586 , 2011 x86_64

Problem description

Multiple double free(), buffer overflow, invalid free() and improper
overflow checks vulnerabilities was found and corrected in libssh
(CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562).

The updated packages have been upgraded to the 0.5.3 version which
is not affected by these issues.

Updated packages

2011 i586

 6caa9057d2acb9c4f72e62f9963ee616  2011/i586/libssh4-0.5.3-0.1-mdv2011.0.i586.rpm
 b8f7788c70db71ef6407a35b132b859d  2011/i586/libssh-devel-0.5.3-0.1-mdv2011.0.i586.rpm 
 9e49cafcb16a359fbdeb784ddfd95709  2011/SRPMS/libssh-0.5.3-0.1.src.rpm

2011 x86_64

 5ee32a4b70dc10b76862c0e5d4d4e09f  2011/x86_64/lib64ssh4-0.5.3-0.1-mdv2011.0.x86_64.rpm
 d34b185770ea7f0fe4f79bbefd29a08d  2011/x86_64/lib64ssh-devel-0.5.3-0.1-mdv2011.0.x86_64.rpm 
 9e49cafcb16a359fbdeb784ddfd95709  2011/SRPMS/libssh-0.5.3-0.1.src.rpm

References