You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libssh

Sigurnosni nedostatak programske biblioteke libssh

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2020-09-15 16:15:46.340188

Name : libssh
Product : Fedora 32
Version : 0.9.5
Release : 1.fc32
Summary : A library implementing the SSH protocol
Description :
The ssh library was designed to be used by programmers needing a working SSH
implementation by the mean of a library. The complete control of the client is
made by the programmer. With libssh, you can remotely execute programs, transfer
files, use a secure and transparent tunnel for your remote programs. With its
Secure FTP implementation, you can play with remote files easily, without
third-party programs others than libcrypto (from openssl).

Update Information:

Update to version 0.9.5 * *
Fixes CVE-2020-16135

* Thu Sep 10 2020 Anderson Sasaki <> – 0.9.5-1
– Update to version 0.9.5
– Removed patch to re-enable algorithms using sha1 in sshd for testing
– The algorithms supported by sshd are now automatically detected for testing
– Resolves: #1862457 – CVE-2020-16135

[ 1 ] Bug #1862457 – CVE-2020-16135 libssh: NULL pointer dereference in sftpserver.c if ssh_buffer_new returns NULL [fedora-all]
[ 2 ] Bug #1877797 – libssh-0.9.5 is available

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-f4f5e49cb8’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorBruno Varga
Cert idNCERT-REF-2020-09-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa mysql

Otkriveni su sigurnosni nedostatci u programskom paketu mysql 8.0 za operacijski sustav RHEL. Otkriveni nedostatci potencijalnim napadačima omogućuju narušavanje povjerljivosti,...