Accepting request 928800 from devel:libraries:c_c++

OBS-URL: https://build.opensuse.org/request/show/928800 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libssh?expand=0&rev=65
2021-11-03 16:26:03 +00:00 · 2021-11-03 16:26:03 +00:00 · 9938b7e3e3
commit 9938b7e3e3
parent 5c752a15ab 4397453d7f
1 changed files with 3 additions and 1 deletions
--- a/libssh.changes
+++ b/libssh.changes
@ -28,6 +28,8 @@ Thu Apr  9 07:50:07 UTC 2020 - Andreas Schneider <asn@cryptomilk.org>

 - Update to version 0.9.4
  * https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/
+  * Fix possible Denial of Service attack when using AES-CTR-ciphers
+    CVE-2020-1730 (bsc#1168699)

 -------------------------------------------------------------------
 Tue Feb 18 14:05:49 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
@ -40,7 +42,7 @@ Tue Feb 18 14:05:49 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>
 Tue Dec 10 19:08:47 UTC 2019 - Andreas Schneider <asn@cryptomilk.org>

 - Update to version 0.9.3
-  * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution
+  * Fixed CVE-2019-14889 - SCP: Unsanitized location leads to command execution (bsc#1158095)
  * SSH-01-003 Client: Missing NULL check leads to crash in erroneous state
  * SSH-01-006 General: Various unchecked Null-derefs cause DOS
  * SSH-01-007 PKI Gcrypt: Potential UAF/double free with RSA pubkeys