godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-01 13:49:03 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2019.02.11
buildroot/package/libssh2
History
Fabrice Fontaine 13ffc622a1 package/libssh2: fix CVE-2019-17498 
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in
packet.c has an integer overflow in a bounds check, enabling an attacker
to specify an arbitrary (out-of-bounds) offset for a subsequent memory
read. A crafted SSH server may be able to disclose sensitive information
or cause a denial of service condition on the client system when a user
connects to the server.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 8d76402ee1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-03-14 18:32:28 +01:00
..
0001-drop-custom-buildconf-script.patch
package/libssh2: switch site to https://www.libssh2.org/download
2019-09-02 17:16:45 +02:00
0002-acinclude.m4-add-mbedtls-to-LIBS.patch
0003-packet-c-improve-message-parsing.patch
package/libssh2: fix CVE-2019-17498
2020-03-14 18:32:28 +01:00
Config.in
libssh2.hash
package/libssh2: switch site to https://www.libssh2.org/download
2019-09-02 17:16:45 +02:00
libssh2.mk
package/libssh2: fix CVE-2019-17498
2020-03-14 18:32:28 +01:00