Lucene search
GoogleOSV:RLSA-2020:4545HistoryNov 03, 2020 - 12:14 p.m.
Moderate: libssh security, bug fix, and enhancement update
2020-11-0312:14:19
Google
osv.dev
7
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.
The following packages have been upgraded to a later upstream version: libssh (0.9.4). (BZ#1804797)
Security Fix(es):
-
libssh: denial of service when handling AES-CTR (or DES) ciphers (CVE-2020-1730)
-
libssh: unsanitized location in scp could lead to unwanted command execution (CVE-2019-14889)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.3 Release Notes linked from the References section.
References
Related
nessus
nessus
RHEL 8 : libssh (RHSA-2020:4545)
2020-11-04 00:00:00
CentOS 8 : libssh (CESA-2020:4545)
2021-02-01 00:00:00
Oracle Linux 8 : libssh (ELSA-2020-4545)
2020-11-12 00:00:00
rocky
rocky
libssh security, bug fix, and enhancement update
2020-11-03 12:14:19
almalinux
almalinux
Moderate: libssh security, bug fix, and enhancement update
2020-11-03 12:14:19
redhat
redhat
oraclelinux
oraclelinux
libssh security, bug fix, and enhancement update
2020-11-10 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: libssh-0.9.3-1.fc31
2019-12-18 01:56:36
[SECURITY] Fedora 30 Update: libssh-0.9.3-1.fc30
2020-01-03 20:36:26
[SECURITY] Fedora 31 Update: libssh-0.9.4-2.fc31
2020-04-18 00:08:45
osv
osv
CVE-2019-14889
2019-12-10 23:15:10
libssh - security update
2019-12-17 00:00:00
CVE-2020-1730
2020-04-13 19:15:11
nvd
nvd
CVE-2019-14889
2019-12-10 23:15:10
CVE-2020-1730
2020-04-13 19:15:11
gentoo
gentoo
libssh: Arbitrary command execution
2020-03-15 00:00:00
libssh: Denial of service
2020-04-10 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2019:3307-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:0139-1)
2021-04-19 00:00:00
Fedora Update for libssh FEDORA-2019-8b0ad69829
2020-01-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libssh version 0.8.8-alt1
2020-03-13 00:00:00
Security fix for the ALT Linux 9 package libssh version 0.9.3-alt1
2019-12-14 00:00:00
suse
suse
Security update for libssh (important)
2020-01-25 00:00:00
Security update for libssh (important)
2019-12-17 00:00:00
Security update for libssh (moderate)
2020-04-12 00:00:00
ubuntucve
ubuntucve
CVE-2019-14889
2019-12-10 00:00:00
CVE-2020-1730
2020-04-09 00:00:00
mageia
mageia
Updated libssh packages fix security vulnerability
2019-12-19 16:44:26
Updated libssh packages fix security vulnerability
2020-04-15 13:12:14
alpinelinux
alpinelinux
CVE-2019-14889
2019-12-10 23:15:10
CVE-2020-1730
2020-04-13 19:15:11
debian
debian
[SECURITY] [DLA 2038-1] libssh security update
2019-12-17 12:42:41
[SECURITY] [DLA 3437-1] libssh security update
2023-05-29 22:01:33
cvelist
cvelist
CVE-2019-14889
2019-12-10 00:00:00
CVE-2020-1730
2020-04-13 00:00:00
cve
cve
CVE-2019-14889
2019-12-10 23:15:10
CVE-2020-1730
2020-04-13 19:15:11
prion
prion
Command injection
2019-12-10 23:15:00
Design/Logic Flaw
2020-04-13 19:15:00
debiancve
debiancve
CVE-2019-14889
2019-12-10 23:15:10
CVE-2020-1730
2020-04-13 19:15:11
redhatcve
redhatcve
CVE-2019-14889
2020-04-07 17:03:58
CVE-2020-1730
2020-04-09 11:15:24
veracode
veracode
Arbitrary Code Execution
2019-12-11 04:07:33
Denial Of Service (DoS)
2020-08-06 21:36:13
freebsd
freebsd
Client/server denial of service when handling AES-CTR ciphers
2020-01-25 00:00:00
ubuntu
ubuntu
libssh vulnerability
2019-12-10 00:00:00
libssh vulnerability
2020-04-09 00:00:00
ibm
ibm
archlinux
archlinux
[ASA-202004-11] libssh: denial of service
2020-04-09 00:00:00
f5
f5
K05295501 : libssh vulnerability CVE-2020-1730
2020-07-14 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2020
2020-04-14 00:00:00
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00