Posted
about 9 years
ago
by
aris
The server at https://red.libssh.org/ that hosts the redmine bug tracker and the downloads is currently down. We are aware of the issue and couldn’t fix it quickly. In the meantime, all downloads are available from alternative URLs. A mirror of windows binary files can be found here, and the 0.6.4 source code can be downloaded […]
|
Posted
about 9 years
ago
by
aris
The server at https://red.libssh.org/ that hosts the redmine bug tracker and the downloads is currently down. We are aware of the issue and couldn’t fix it quickly. In the meantime, all downloads are available from alternative URLs. A mirror of
|
Posted
over 9 years
ago
by
gladiac
This is an important SECURITY and maintenance release in order to address CVE-2014-8132 – Double free on dangling pointers in initial key exchange packet. libssh versions 0.5.1 and above could leave dangling pointers in the session crypto structures. It is possible to send a malicious kexinit package to eventually cause a server to do a […]
|
Posted
over 9 years
ago
by
gladiac
This is an important SECURITY and maintenance release in order to address CVE-2014-8132 – Double free on dangling pointers in initial key exchange packet. libssh versions 0.5.1 and above could leave dangling pointers in the session crypto structures. It is possible to send a malicious kexinit package to eventually cause a server to do a […]
|
Posted
over 9 years
ago
by
gladiac
This is an important SECURITY and maintenance release in order to address CVE-2014-8132 – Double free on dangling pointers in initial key exchange packet. libssh versions 0.5.1 and above could leave dangling pointers in the session crypto structures. It is possible to send a malicious kexinit package to eventually cause a server to do a […]
|
Posted
about 10 years
ago
by
gladiac
This is an important SECURITY and maintenance release in order to address CVE-2014-0017 – PRNG state reuse on forking servers. This bug happens when a SSH server forks on new connections. OpenSSL PRNG does not always detect the change of process (PID collision) and PRNG state may be shared between two successive children. However that […]
|
Posted
about 10 years
ago
by
gladiac
This is an important SECURITY and maintenance release in order to address CVE-2014-0017 – PRNG state reuse on forking servers. This bug happens when a SSH server forks on new connections. OpenSSL PRNG does not always detect the change of process (PID collision) and PRNG state may be shared between two successive children. However that […]
|
Posted
about 10 years
ago
by
gladiac
This is an important SECURITY and maintenance release in order to address CVE-2014-0017 – PRNG state reuse on forking servers. This bug happens when a SSH server forks on new connections. OpenSSL PRNG does not always detect the change of process (PID collision) and PRNG state may be shared between two successive children. However that […]
|
Posted
about 10 years
ago
by
aris
This is an important SECURITY and maintenance release in order to address CVE-2014-0017 – PRNG state reuse on forking servers. This bug happens when a SSH server forks on new connections. OpenSSL PRNG does not always detect the change of process (PID collision) and PRNG state may be shared between two successive children. However that […]
|
Posted
about 10 years
ago
by
aris
This is an important SECURITY and maintenance release in order to address CVE-2014-0017 – PRNG state reuse on forking servers. This bug happens when a SSH server forks on new connections. OpenSSL PRNG does not always detect the change of process (PID collision) and PRNG state may be shared between two successive children. However that […]
|