Daily Archives: April 30, 2015

1 post

libssh 0.6.5 (Security and bugfix release)

This is an important SECURITY and maintenance release in order to address CVE-2015-3146 – Possible double free on a dangling pointer with crafted kexinit packet. libssh versions 0.5.1 and above have a logical error in the handling of a SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY package. A detected error did not set the session into the error state correctly and further processed the […]