{"affected":[{"ecosystem_specific":{"binaries":[{"libssh2-devel":"1.11.0-29.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"libssh2_org","purl":"pkg:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.11.0-29.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libssh2-1":"1.11.0-29.6.1","libssh2-1-32bit":"1.11.0-29.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"libssh2_org","purl":"pkg:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.11.0-29.6.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libssh2-1":"1.11.0-29.6.1","libssh2-1-32bit":"1.11.0-29.6.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"libssh2_org","purl":"pkg:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.11.0-29.6.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for libssh2_org fixes the following issues:\n\nlibssh2_org was upgraded to version 1.11.0 in SUSE Linux Enterprise Server 12 SP5 (jsc#PED-5721)\n\nVersion update to 1.11.0:\n\n* Enhancements and bugfixes:\n\n - Adds support for encrypt-then-mac (ETM) MACs\n - Adds support for AES-GCM crypto protocols\n - Adds support for sk-ecdsa-sha2-nistp256 and sk-ssh-ed25519 keys\n - Adds support for RSA certificate authentication\n - Adds FIDO support with *_sk() functions\n - Adds RSA-SHA2 key upgrading to OpenSSL, WinCNG, mbedTLS, OS400 backends\n - Adds Agent Forwarding and libssh2_agent_sign()\n - Adds support for Channel Signal message libssh2_channel_signal_ex()\n - Adds support to get the user auth banner message libssh2_userauth_banner()\n - Adds LIBSSH2_NO_{MD5, HMAC_RIPEMD, DSA, RSA, RSA_SHA1, ECDSA, ED25519,\n AES_CBC, AES_CTR, BLOWFISH, RC4, CAST, 3DES} options\n - Adds direct stream UNIX sockets with libssh2_channel_direct_streamlocal_ex()\n - Adds wolfSSL support to CMake file\n - Adds mbedTLS 3.x support\n - Adds LibreSSL 3.5 support\n - Adds support for CMake 'unity' builds\n - Adds CMake support for building shared and static libs in a single pass\n - Adds symbol hiding support to CMake\n - Adds support for libssh2.rc for all build tools\n - Adds .zip, .tar.xz and .tar.bz2 release tarballs\n - Enables ed25519 key support for LibreSSL 3.7.0 or higher\n - Improves OpenSSL 1.1 and 3 compatibility\n - Now requires OpenSSL 1.0.2 or newer\n - Now requires CMake 3.1 or newer\n - SFTP: Adds libssh2_sftp_open_ex_r() and libssh2_sftp_open_r() extended APIs\n - SFTP: No longer has a packet limit when reading a directory\n - SFTP: now parses attribute extensions if they exist\n - SFTP: no longer will busy loop if SFTP fails to initialize\n - SFTP: now clear various errors as expected\n - SFTP: no longer skips files if the line buffer is too small\n - SCP: add option to not quote paths\n - SCP: Enables 64-bit offset support unconditionally\n - Now skips leading \\r and \\n characters in banner_receive()\n - Enables secure memory zeroing with all build tools on all platforms\n - No longer logs SSH_MSG_REQUEST_FAILURE packets from keepalive\n - Speed up base64 encoding by 7x\n - Assert if there is an attempt to write a value that is too large\n - WinCNG: fix memory leak in _libssh2_dh_secret()\n - Added protection against possible null pointer dereferences\n - Agent now handles overly large comment lengths\n - Now ensure KEX replies don't include extra bytes\n - Fixed possible buffer overflow when receiving SSH_MSG_USERAUTH_BANNER\n - Fixed possible buffer overflow in keyboard interactive code path\n - Fixed overlapping memcpy()\n - Fixed DLL import name\n - Renamed local RANDOM_PADDING macro to avoid unexpected define on Windows\n - Support for building with gcc versions older than 8\n - Improvements to CMake, Makefile, NMakefile, GNUmakefile, autoreconf files\n - Restores ANSI C89 compliance\n - Enabled new compiler warnings and fixed/silenced them\n - Improved error messages\n - Now uses CIFuzz\n - Numerous minor code improvements\n - Improvements to CI builds\n - Improvements to unit tests\n - Improvements to doc files\n - Improvements to example files\n - Removed 'old gex' build option\n - Removed no-encryption/no-mac builds\n - Removed support for NetWare and Watcom wmake build files\n\nVersion update to 1.10.0:\n\n* Enhancements and bugfixes:\n\n - support ECDSA certificate authentication\n - fix detailed _libssh2_error being overwritten by generic errors\n - unified error handling\n - fix _libssh2_random() silently discarding errors\n - don't error if using keys without RSA\n - avoid OpenSSL latent error in FIPS mode\n - fix EVP_Cipher interface change in openssl 3\n - fix potential overwrite of buffer when reading stdout of command\n - use string_buf in ecdh_sha2_nistp() to avoid attempting to parse malformed data\n - correct a typo which may lead to stack overflow\n - fix random big number generation to match openssl\n - added key exchange group16-sha512 and group18-sha512.\n - add support for an OSS Fuzzer fuzzing target\n - adds support for ECDSA for both key exchange and host key algorithms\n - clean up curve25519 code\n - update the min, preferred and max DH group values based on RFC 8270.\n - changed type of LIBSSH2_FX_* constants to unsigned long\n - added diffie-hellman-group14-sha256 kex\n - fix for use of uninitialized aes_ctr_cipher.key_len when using HAVE_OPAQUE_STRUCTS, regression\n - fixes memory leaks and use after free AES EVP_CIPHER contexts when using OpenSSL 1.0.x.\n - fixes crash with delayed compression option using Bitvise server.\n - adds support for PKIX key reading\n - use new API to parse data in packet_x11_open() for better bounds checking.\n - double the static buffer size when reading and writing known hosts\n - improved bounds checking in packet_queue_listener\n - improve message parsing (CVE-2019-17498)\n - improve bounds checking in kex_agree_methods()\n - adding SSH agent forwarding.\n - fix agent forwarding message, updated example.\n - added integration test code and cmake target. Added example to cmake list.\n - don't call `libssh2_crypto_exit()` until `_libssh2_initialized` count is down to zero.\n - add an EWOULDBLOCK check for better portability\n - fix off by one error when loading public keys with no id\n - fix use-after-free crash on reinitialization of openssl backend\n - preserve error info from agent_list_identities()\n - make sure the error code is set in _libssh2_channel_open()\n - fixed misspellings\n - fix potential typecast error for `_libssh2_ecdsa_key_get_curve_type`\n - rename _libssh2_ecdsa_key_get_curve_type to _libssh2_ecdsa_get_curve_type\n\nVersion update to 1.9.0: [bsc#1178083, jsc#SLE-16922]\n\n- Enhancements and bugfixes:\n\n * adds ECDSA keys and host key support when using OpenSSL\n * adds ED25519 key and host key support when using OpenSSL 1.1.1\n * adds OpenSSH style key file reading\n * adds AES CTR mode support when using WinCNG\n * adds PEM passphrase protected file support for Libgcrypt and WinCNG\n * adds SHA256 hostkey fingerprint\n * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path()\n * adds explicit zeroing of sensitive data in memory\n * adds additional bounds checks to network buffer reads\n * adds the ability to use the server default permissions when creating sftp directories\n * adds support for building with OpenSSL no engine flag\n * adds support for building with LibreSSL\n * increased sftp packet size to 256k\n * fixed oversized packet handling in sftp\n * fixed building with OpenSSL 1.1\n * fixed a possible crash if sftp stat gets an unexpected response\n * fixed incorrect parsing of the KEX preference string value\n * fixed conditional RSA and AES-CTR support\n * fixed a small memory leak during the key exchange process\n * fixed a possible memory leak of the ssh banner string\n * fixed various small memory leaks in the backends\n * fixed possible out of bounds read when parsing public keys from the server\n * fixed possible out of bounds read when parsing invalid PEM files\n * no longer null terminates the scp remote exec command\n * now handle errors when diffie hellman key pair generation fails\n * improved building instructions\n * improved unit tests\n\n- Version update to 1.8.2: [bsc#1130103]\n\n Bug fixes:\n * Fixed the misapplied userauth patch that broke 1.8.1\n * moved the MAX size declarations from the public header\n\nUpdate to 1.7.0\n\n* Changes:\n - libssh2_session_set_last_error: Add function\n - mac: Add support for HMAC-SHA-256 and HMAC-SHA-512\n - kex: Added diffie-hellman-group-exchange-sha256 support\n - many bugfixes\n\n\nUpdate to 1.6.0\n\n* Changes:\n\n - Added libssh2_userauth_publickey_frommemory()\n\n* Bug fixes:\n\n - wait_socket: wrong use of difftime()\n - userauth: Fixed prompt text no longer being copied to the prompts struct\n - mingw build: allow to pass custom CFLAGS\n - Let mansyntax.sh work regardless of where it is called from\n Init HMAC_CTX before using it\n - direct_tcpip: Fixed channel write\n - WinCNG: fixed backend breakage\n - OpenSSL: caused by introducing libssh2_hmac_ctx_init\n - userauth.c: fix possible dereferences of a null pointer\n - wincng: Added explicit clear memory feature to WinCNG backend\n - openssl.c: fix possible segfault in case EVP_DigestInit fails\n - wincng: fix return code of libssh2_md5_init()\n - kex: do not ignore failure of libssh2_sha1_init()\n - scp: fix that scp_send may transmit not initialised memory\n - scp.c: improved command length calculation\n - nonblocking examples: fix warning about unused tvdiff on Mac OS X\n - configure: make clear-memory default but WARN if backend unsupported\n - OpenSSL: Enable use of OpenSSL that doesn't have DSA\n - OpenSSL: Use correct no-blowfish #define\n - kex: fix libgcrypt memory leaks of bignum\n - libssh2_channel_open: more detailed error message\n - wincng: fixed memleak in (block) cipher destructor\n\nUpdate to 1.5.0:\n\n* Changes:\n\n - Added Windows Cryptography API: Next Generation based backend\n\n* Bug fixes:\n\n - Security Advisory: Using `SSH_MSG_KEXINIT` data unbounded, CVE-2015-1782\n - missing _libssh2_error in _libssh2_channel_write\n - knownhost: Fix DSS keys being detected as unknown.\n - knownhost: Restore behaviour of `libssh2_knownhost_writeline` with short buffer.\n - libssh2.h: on Windows, a socket is of type SOCKET, not int\n - libssh2_priv.h: a 1 bit bit-field should be unsigned\n - Fixed two potential use-after-frees of the payload buffer\n - Fixed a few memory leaks in error paths\n - userauth: Fixed an attempt to free from stack on error\n - agent_list_identities: Fixed memory leak on OOM\n - knownhosts: Abort if the hosts buffer is too small\n - sftp_close_handle: ensure the handle is always closed\n - channel_close: Close the channel even in the case of errors\n - docs: added missing libssh2_session_handshake.3 file\n - docs: fixed a bunch of typos\n - userauth_password: pass on the underlying error code\n - _libssh2_channel_forward_cancel: accessed struct after free\n - _libssh2_packet_add: avoid using uninitialized memory\n - _libssh2_channel_forward_cancel: avoid memory leaks on error\n - _libssh2_channel_write: client spins on write when window full\n - publickey_packet_receive: avoid junk in returned pointers\n - channel_receive_window_adjust: store windows size always\n - userauth_hostbased_fromfile: zero assign to avoid uninitialized use\n - agent_connect_unix: make sure there's a trailing zero\n - MinGW build: Fixed redefine warnings.\n - sftpdir.c: added authentication method detection.\n - Watcom build: added support for WinCNG build.\n - configure.ac: replace AM_CONFIG_HEADER with AC_CONFIG_HEADERS\n - sftp_statvfs: fix for servers not supporting statfvs extension\n - knownhost.c: use LIBSSH2_FREE macro instead of free\n - Fixed compilation using mingw-w64\n - knownhost.c: fixed that 'key_type_len' may be used uninitialized\n - configure: Display individual crypto backends on separate lines\n - agent.c: check return code of MapViewOfFile\n - kex.c: fix possible NULL pointer de-reference with session->kex\n - packet.c: fix possible NULL pointer de-reference within listen_state\n - userauth.c: improve readability and clarity of for-loops\n - packet.c: i < 256 was always true and i would overflow to 0\n - kex.c: make sure mlist is not set to NULL\n - session.c: check return value of session_nonblock in debug mode\n - session.c: check return value of session_nonblock during startup\n - userauth.c: make sure that sp_len is positive and avoid overflows\n - knownhost.c: fix use of uninitialized argument variable wrote\n - openssl: initialise the digest context before calling EVP_DigestInit()\n - libssh2_agent_init: init ->fd to LIBSSH2_INVALID_SOCKET\n - configure.ac: Add zlib to Requires.private in libssh2.pc if using zlib\n - configure.ac: Rework crypto library detection\n - configure.ac: Reorder --with-* options in --help output\n - configure.ac: Call zlib zlib and not libz in text but keep option names\n - Fix non-autotools builds: Always define the LIBSSH2_OPENSSL CPP macro\n - sftp: seek: Don't flush buffers on same offset\n - sftp: statvfs: Along error path, reset the correct 'state' variable.\n - sftp: Add support for fsync (OpenSSH extension).\n - _libssh2_channel_read: fix data drop when out of window\n - comp_method_zlib_decomp: Improve buffer growing algorithm\n - _libssh2_channel_read: Honour window_size_initial\n - window_size: redid window handling for flow control reasons\n - knownhosts: handle unknown key types","id":"SUSE-RU-2023:4066-1","modified":"2023-10-12T12:32:58Z","published":"2023-10-12T12:32:58Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2023-4066/suse-ru-20234066-1/"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1782"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-17498"}],"related":["CVE-2015-1782","CVE-2019-17498"],"summary":"Recommended update for libssh2_org","upstream":["CVE-2015-1782","CVE-2019-17498"]}