Advisories ยป MGASA-2020-0171

Updated libssh packages fix security vulnerability

Publication date: 15 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-1730

Description

Updated libssh packages fix security vulnerability:

A malicious client or server could crash the counterpart implemented
with libssh AES-CTR ciphers are used and don't get fully initialized.
It will crash when it tries to cleanup the AES-CTR ciphers when
closing the connection (CVE-2020-1730).
                

References

SRPMS

7/core