Advisories ยป MGASA-2015-0014

Updated libssh packages fix CVE-2014-8132

Publication date: 08 Jan 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8132

Description

Updated libssh packages fix security vulnerability:

Double free vulnerability in the ssh_packet_kexinit function in kex.c in
libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial
of service via a crafted kexinit packet (CVE-2014-8132).
                

References

SRPMS

4/core