SUSE alert SUSE-SU-2019:14098-1 (libssh2_org )
| From: | <sle-security-updates@lists.suse.com> | |
| To: | <sle-security-updates@lists.suse.com> | |
| Subject: | SUSE-SU-2019:14098-1: moderate: Security update for libssh2_org | |
| Date: | Fri, 21 Jun 2019 15:44:25 +0200 | |
| Message-ID: | <20190621134425.3DC23FFC7@maintenance.suse.de> |
SUSE Security Update: Security update for libssh2_org ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:14098-1 Rating: moderate References: #1128481 #1136570 Cross-References: CVE-2019-3860 Affected Products: SUSE Linux Enterprise Point of Sale 11-SP3 SUSE Linux Enterprise Debuginfo 11-SP3 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for libssh2_org fixes the following issues: - Fix the previous fix for CVE-2019-3860 (bsc#1136570, bsc#1128481) (Out-of-bounds reads with specially crafted SFTP packets) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Point of Sale 11-SP3: zypper in -t patch sleposp3-libssh2_org-14098=1 - SUSE Linux Enterprise Debuginfo 11-SP3: zypper in -t patch dbgsp3-libssh2_org-14098=1 Package List: - SUSE Linux Enterprise Point of Sale 11-SP3 (i586): libssh2-1-1.2.9-4.2.12.11.1 - SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64): libssh2_org-debuginfo-1.2.9-4.2.12.11.1 libssh2_org-debugsource-1.2.9-4.2.12.11.1 References: https://www.suse.com/security/cve/CVE-2019-3860.html https://bugzilla.suse.com/1128481 https://bugzilla.suse.com/1136570 _______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates