|
|
Log in / Subscribe / Register

Oracle alert ELSA-2015-2140 (libssh2)



From:
    	      Errata Announcements for Oracle Linux <el-errata@oss.oracle.com> 


To:
    	      el-errata@oss.oracle.com 


Subject:
    	      [El-errata] ELSA-2015-2140 Low: Oracle Linux 7 libssh2 security and bug fix update 


Date:
    	      Mon, 23 Nov 2015 18:43:57 -0800


Message-ID:
    	      <5653CEED.1080802@oracle.com>


Oracle Linux Security Advisory ELSA-2015-2140

http://linux.oracle.com/errata/ELSA-2015-2140.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
libssh2-1.4.3-10.el7.i686.rpm
libssh2-1.4.3-10.el7.x86_64.rpm
libssh2-devel-1.4.3-10.el7.i686.rpm
libssh2-devel-1.4.3-10.el7.x86_64.rpm
libssh2-docs-1.4.3-10.el7.noarch.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/libssh2-1.4.3-10....



Description of changes:

[1.4.3-10]
- check length of data extracted from the SSH_MSG_KEXINIT packet 
(CVE-2015-1782)

[1.4.3-9]
- curl consumes too much memory during scp download (#1080459)
- prevent a not-connected agent from closing STDIN (#1147717)


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds