Source: libssh2 Version: 1.4.2-1 Severity: grave Tags: security upstream patch fixed-upstream
Hi, the following vulnerability was published for libssh2. CVE-2015-1782[0]: Using SSH_MSG_KEXINIT data unbounded If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-1782 [1] http://www.libssh2.org/adv_20150311.html Please adjust the affected versions in the BTS as needed. Note, packages for wheezy-security are already built and prepared to be released. Regards, Salvatore -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
