Several CVE in version < 0.5.3
Bug #1082328 reported by
Laurent Bigonville
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libssh (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Lucid |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Oneiric |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Precise |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Quantal |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Raring |
Fix Released
|
High
|
Unassigned |
Bug Description
Hi,
Several CVE have been published regarding libssh < 0.5.3
CVE-2012-4559: multiple double free() flaws
CVE-2012-4560: multiple buffer overflow flaws
CVE-2012-4561: multiple invalid free() flaws
CVE-2012-4562: multiple improper overflow checks
The proper fix for the 0.5 branch have been published. The 0.4 branch is also vulnerable but no published patches yet.
Changed in libssh (Ubuntu): | |
importance: | Undecided → High |
description: | updated |
Changed in libssh (Ubuntu Raring): | |
status: | New → Fix Released |
Changed in libssh (Ubuntu Lucid): | |
status: | New → Confirmed |
Changed in libssh (Ubuntu Oneiric): | |
status: | New → Confirmed |
Changed in libssh (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in libssh (Ubuntu Quantal): | |
status: | New → Confirmed |
Changed in libssh (Ubuntu Lucid): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in libssh (Ubuntu Oneiric): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in libssh (Ubuntu Precise): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in libssh (Ubuntu Quantal): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
information type: | Public → Public Security |
Changed in libssh (Ubuntu Lucid): | |
importance: | Undecided → Medium |
Changed in libssh (Ubuntu Oneiric): | |
importance: | Undecided → Medium |
Changed in libssh (Ubuntu Precise): | |
importance: | Undecided → Medium |
Changed in libssh (Ubuntu Quantal): | |
importance: | Undecided → Medium |
To post a comment you must log in.
http:// www.ubuntu. com/usn/ usn-1640- 1/