You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa libssh

Sigurnosni nedostatak programskog paketa libssh

  • Detalji os-a: WN7
  • Važnost: INF
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2020-04-18 00:06:48.213775

Name : libssh
Product : Fedora 31
Version : 0.9.4
Release : 2.fc31
Summary : A library implementing the SSH protocol
Description :
The ssh library was designed to be used by programmers needing a working SSH
implementation by the mean of a library. The complete control of the client is
made by the programmer. With libssh, you can remotely execute programs, transfer
files, use a secure and transparent tunnel for your remote programs. With its
Secure FTP implementation, you can play with remote files easily, without
third-party programs others than libcrypto (from openssl).

Update Information:

Fixes CVE-2020-1730

* Wed Apr 15 2020 Anderson Sasaki <> – 0.9.4-2
– Added patch to fix returned version
* Thu Apr 9 2020 Anderson Sasaki <> – 0.9.4-1
– Update to version 0.9.4
– Removed inclusion of OpenSSH server configuration file from
– Added patch to re-enable algorithms using sha1 in sshd for testing
– resolves: #1822529 – CVE-2020-1730

[ 1 ] Bug #1822519 – libssh-0.9.4 is available
[ 2 ] Bug #1822529 – CVE-2020-1730 libssh: denial of service when handling AES-CTR (or DES) ciphers [fedora-all]

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-5a77f0d68f’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorVlatka Misic
Cert idNCERT-REF-2020-04-0001-ADV
More in Preporuke
Sigurnosni nedostatak programskog paketa git

Otkriven je sigurnosni nedostatak u programskom paketu git za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje osjetljivih informacija....