8d76402ee1
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> |
||
|---|---|---|
| .. | ||
| 0001-drop-custom-buildconf-script.patch | ||
| 0002-acinclude.m4-add-mbedtls-to-LIBS.patch | ||
| 0003-packet-c-improve-message-parsing.patch | ||
| Config.in | ||
| libssh2.hash | ||
| libssh2.mk | ||