Debian 9987 Published by

A libssh2 security update has been released for Debian GNU/Linux 8 and 9 Extended LTSto address an issue that allowed attackers to access out of bounds memory.



ELA-956-1 libssh2 security update

Package : libssh2
Version : 1.4.3-4.1+deb8u7 (jessie), 1.7.0-1+deb9u3 (stretch)

Related CVEs :
CVE-2020-22218

An issue has been found in libssh2, an SSH2 client-side library, in function _libssh2_packet_add(), which could allow attackers to access out of bounds memory.

ELA-956-1 libssh2 security update