Mailinglist Archive: opensuse-updates (98 mails)

< Previous Next >
openSUSE-SU-2015:0534-1: moderate: Security update for libssh2_org
openSUSE Security Update: Security update for libssh2_org
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:0534-1
Rating: moderate
References: #921070
Cross-References: CVE-2015-1782
Affected Products:
openSUSE 13.2
openSUSE 13.1
______________________________________________________________________________

An update that fixes one vulnerability is now available.

Description:


libssh2_org was updated to version 1.5.0 to fix bugs and a security issue.

Changes in 1.5.0: Added Windows Cryptography API: Next Generation based
backend

Bug fixes:
- Security Advisory: Using `SSH_MSG_KEXINIT` data unbounded, CVE-2015-1782
- missing _libssh2_error in _libssh2_channel_write
- knownhost: Fix DSS keys being detected as unknown.
- knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short
buffer.
- libssh2.h: on Windows, a socket is of type SOCKET, not int
- libssh2_priv.h: a 1 bit bit-field should be unsigned
- windows build: do not export externals from static library
- Fixed two potential use-after-frees of the payload buffer
- Fixed a few memory leaks in error paths
- userauth: Fixed an attempt to free from stack on error
- agent_list_identities: Fixed memory leak on OOM
- knownhosts: Abort if the hosts buffer is too small
- sftp_close_handle: ensure the handle is always closed
- channel_close: Close the channel even in the case of errors
- docs: added missing libssh2_session_handshake.3 file
- docs: fixed a bunch of typos
- userauth_password: pass on the underlying error code
- _libssh2_channel_forward_cancel: accessed struct after free
- _libssh2_packet_add: avoid using uninitialized memory
- _libssh2_channel_forward_cancel: avoid memory leaks on error
- _libssh2_channel_write: client spins on write when window full
- windows build: fix build errors
- publickey_packet_receive: avoid junk in returned pointers
- channel_receive_window_adjust: store windows size always
- userauth_hostbased_fromfile: zero assign to avoid uninitialized use
- configure: change LIBS not LDFLAGS when checking for libs
- agent_connect_unix: make sure there's a trailing zero
- MinGW build: Fixed redefine warnings.
- sftpdir.c: added authentication method detection.
- Watcom build: added support for WinCNG build.
- configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS
- sftp_statvfs: fix for servers not supporting statfvs extension
- knownhost.c: use LIBSSH2_FREE macro instead of free
- Fixed compilation using mingw-w64
- knownhost.c: fixed that 'key_type_len' may be used uninitialized
- configure: Display individual crypto backends on separate lines
- examples on Windows: check for WSAStartup return code
- examples on Windows: check for socket return code
- agent.c: check return code of MapViewOfFile
- kex.c: fix possible NULL pointer de-reference with session->kex
- packet.c: fix possible NULL pointer de-reference within listen_state
- tests on Windows: check for WSAStartup return code
- userauth.c: improve readability and clarity of for-loops
- examples on Windows: use native SOCKET-type instead of int
- packet.c: i < 256 was always true and i would overflow to 0
- kex.c: make sure mlist is not set to NULL
- session.c: check return value of session_nonblock in debug mode
- session.c: check return value of session_nonblock during startup
- userauth.c: make sure that sp_len is positive and avoid overflows
- knownhost.c: fix use of uninitialized argument variable wrote
- openssl: initialise the digest context before calling EVP_DigestInit()
- libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET
- configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib
- configure.ac: Rework crypto library detection
- configure.ac: Reorder --with-* options in --help output
- configure.ac: Call zlib zlib and not libz in text but keep option names
- Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro
- sftp: seek: Don't flush buffers on same offset
- sftp: statvfs: Along error path, reset the correct 'state' variable.
- sftp: Add support for fsync (OpenSSH extension).
- _libssh2_channel_read: fix data drop when out of window
- comp_method_zlib_decomp: Improve buffer growing algorithm
- _libssh2_channel_read: Honour window_size_initial
- window_size: redid window handling for flow control reasons
- knownhosts: handle unknown key types


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-242=1

- openSUSE 13.1:

zypper in -t patch openSUSE-2015-242=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.2 (i586 x86_64):

libssh2-1-1.5.0-9.4.1
libssh2-1-debuginfo-1.5.0-9.4.1
libssh2-devel-1.5.0-9.4.1
libssh2_org-debugsource-1.5.0-9.4.1

- openSUSE 13.2 (x86_64):

libssh2-1-32bit-1.5.0-9.4.1
libssh2-1-debuginfo-32bit-1.5.0-9.4.1

- openSUSE 13.1 (i586 x86_64):

libssh2-1-1.5.0-7.4.1
libssh2-1-debuginfo-1.5.0-7.4.1
libssh2-devel-1.5.0-7.4.1
libssh2_org-debugsource-1.5.0-7.4.1

- openSUSE 13.1 (x86_64):

libssh2-1-32bit-1.5.0-7.4.1
libssh2-1-debuginfo-32bit-1.5.0-7.4.1


References:

http://support.novell.com/security/cve/CVE-2015-1782.html
https://bugzilla.suse.com/921070


< Previous Next >
This Thread
  • No further messages