libssh 0.6.0rc1 3

We are proud to announce the release of the first release candidate of libssh 0.6.0. We have rewritten a lot of code to provide a better API and added a lot of features. The most important changes are the new public key API, Kerberos support, ECDSA and ECDH support and the new callback based server support. If you are new […]

libssh 0.5.5 3

This is another bugfix release of libssh version 0.5. If you are new to libssh read The Tutorial how to get started. Please join our mailing list or visit our irc channel if you have questions. You can download libssh 0.5.5 here. For Windows binaries we suggest to use the MSVC or MinGW binaries from the KDE Windows project here. […]

libssh 0.5.4 (SECURITY RELEASE) 4

This is an important SECURITY and maintenance release in order to address CVE-2013-0176 – NULL dereference leads to denial of service. The crash could kill a SSH server using libssh. However it depends on the the server process model how bad the situation can be. If you use a forked model to implement your server, the user will just kill […]

libssh 0.5.3 (SECURITY RELEASE) 2

This is an important SECURITY and maintenance release in order to address CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. CVE-2012-4559 – Fix multiple double free() flaws CVE-2012-4560 – Fix multiple buffer overflow flaws CVE-2012-4561 – Fix multiple invalid free() flaws CVE-2012-4562 – Fix multiple improper overflow checks The double free in sftp_parse_attr_3() could be used for a Denial of Service attack against […]