Source: libssh2
Version: 1.8.0-2.1
Severity: important
Tags: security upstream

Hi,

The following vulnerability was published for libssh2.

CVE-2019-13115[0]:
| In libssh2 before 1.9.0,
| kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c
| has an integer overflow that could lead to an out-of-bounds write in
| the way packets are read from the server. A remote attacker who
| compromises a SSH server may be able to execute code on the client
| system when a user connects to the server. This is related to an
| _libssh2_check_length mistake, and is different from the various
| issues fixed in 1.8.1, such as CVE-2019-3855.

TTBOMK, and following [1], the issue is not just introduced later
than 1.8.2, but is present before and was fixed upstream in various
commits around the _libssh2_check_length function, all included in
1.9.0. But the issue would be present before the introduction of the
_libssh2_check_length. Please double check.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-13115
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13115
[1] https://blog.semmle.com/libssh2-integer-overflow/

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore
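
To illustrate the class of bug the CVE text names (an integer overflow in a length check on server-supplied packet data), here is an added example that is not part of the original report and is not libssh2's code. The struct, function names and packets are constructed for illustration, and the flawed check is a generic narrowing-cast mistake, assumed here as a stand-in rather than copied from _libssh2_check_length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical parse cursor over one received packet (not libssh2's struct). */
struct cursor {
    const unsigned char *data; /* start of packet */
    const unsigned char *ptr;  /* current read position */
    size_t len;                /* total bytes in packet */
};

/* Flawed: both sides are narrowed to int. A huge `want` makes len - want
 * wrap in size_t, and the cast keeps only the low bits (implementation-
 * defined; gcc and clang truncate), yielding a small positive number. */
static int check_len_flawed(const struct cursor *c, size_t want)
{
    return (int)(c->ptr - c->data) <= (int)(c->len - want);
}

/* Safe: stay unsigned, compute the bytes remaining, compare against that. */
static int check_len_safe(const struct cursor *c, size_t want)
{
    size_t used = (size_t)(c->ptr - c->data);
    return used <= c->len && want <= c->len - used;
}

/* Constructed packets: 4-byte big-endian length prefix, then 4 payload bytes. */
static const unsigned char honest[8]  = {0x00, 0x00, 0x00, 0x04, 'a', 'b', 'c', 'd'};
static const unsigned char hostile[8] = {0xFF, 0xFF, 0xFF, 0xF0, 'a', 'b', 'c', 'd'};

/* Returns 1 if `check` would let the parser read the declared field length. */
static int accepts(int (*check)(const struct cursor *, size_t),
                   const unsigned char *pkt, size_t pkt_len)
{
    if (pkt_len < 4)
        return 0;
    size_t want = ((size_t)pkt[0] << 24) | ((size_t)pkt[1] << 16) |
                  ((size_t)pkt[2] << 8) | (size_t)pkt[3];
    struct cursor c = { pkt, pkt + 4, pkt_len };
    return check(&c, want);
}

int main(void)
{
    printf("flawed: honest=%d hostile=%d\n",
           accepts(check_len_flawed, honest, 8), accepts(check_len_flawed, hostile, 8));
    printf("safe:   honest=%d hostile=%d\n",
           accepts(check_len_safe, honest, 8), accepts(check_len_safe, hostile, 8));
    return 0;
}
```

The flawed check accepts the constructed hostile length prefix even though only 4 payload bytes remain; the unsigned remaining-bytes comparison rejects it.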
