package/libssh2: fix CVE-2019-17498
author Fabrice Fontaine <fontaine.fabrice@gmail.com>
Sat, 29 Feb 2020 11:31:32 +0000 (12:31 +0100)
committer Yann E. MORIN <yann.morin.1998@free.fr>
Sat, 29 Feb 2020 16:31:50 +0000 (17:31 +0100)
commit 8d76402ee113bd6d47b0d13162f2a753f98e37d5
tree b58598603714fa7803b268354207e8db40a0768a
parent 2f813df3d92cc91070e8fd447cb81e9851c68785
package/libssh2: fix CVE-2019-17498

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in
packet.c has an integer overflow in a bounds check, enabling an attacker
to specify an arbitrary (out-of-bounds) offset for a subsequent memory
read. A crafted SSH server may be able to disclose sensitive information
or cause a denial of service condition on the client system when a user
connects to the server.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/libssh2/0003-packet-c-improve-message-parsing.patch [new file with mode: 0644]
package/libssh2/libssh2.mk
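
The bug class the commit message describes, a bounds check whose own arithmetic wraps, shown as an added example: this is constructed code, not libssh2's packet.c and not the patch this commit adds. The function names, the 32-bit length-prefixed layout and the sample bytes are assumptions for illustration.

```c
#include <stdint.h>
#include <stddef.h>

/* Read a big-endian 32-bit length field, the encoding SSH uses on the wire. */
static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Flawed check: off + 4 + len is computed in 32 bits and can wrap, so a
 * very large peer-supplied len passes the comparison. Returns 1 if the
 * string would be accepted. Only the decision is modelled; nothing is read. */
int accepts_wrapping(const unsigned char *buf, uint32_t buflen, uint32_t off)
{
    uint32_t len;
    if (off > buflen || buflen - off < 4)
        return 0;                       /* no room for the length field */
    len = be32(buf + off);
    return off + 4 + len <= buflen;     /* wraps when len is near UINT32_MAX */
}

/* Hardened check: compare len against the bytes that remain, using only
 * subtractions already proven not to underflow. */
int accepts_checked(const unsigned char *buf, uint32_t buflen, uint32_t off)
{
    uint32_t len, remaining;
    if (off > buflen || buflen - off < 4)
        return 0;
    len = be32(buf + off);
    remaining = buflen - off - 4;       /* safe: buflen - off >= 4 */
    return len <= remaining;
}

/* Constructed sample messages (not captured traffic). */
static const unsigned char sample_ok[]  = { 0, 0, 0, 3, 'b', 'y', 'e' };
static const unsigned char sample_bad[] = { 0xff, 0xff, 0xff, 0xfc, 'b', 'y', 'e' };

int main(void)
{
    /* The well-formed message is accepted; the oversized length is
     * accepted by the wrapping check and rejected by the hardened one. */
    int ok = accepts_checked(sample_ok, sizeof sample_ok, 0) == 1 &&
             accepts_wrapping(sample_bad, sizeof sample_bad, 0) == 1 &&
             accepts_checked(sample_bad, sizeof sample_bad, 0) == 0;
    return ok ? 0 : 1;
}
```

The rule the hardened version follows is to keep untrusted lengths on one side of the comparison and never add them to an offset before checking.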