From ${URL} : This is an important SECURITY and maintenance release in order to address CVE-2014-8132 – Double free on dangling pointers in initial key exchange packet. libssh versions 0.5.1 and above could leave dangling pointers in the session crypto structures. It is possible to send a malicious kexinit package to eventually cause a server to do a double-free before this fix. This could be used for a Denial of Service attack. As this was found by a libssh developer there are no currently known exploits for this problem (as of December 19th 2014). @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
CVE-2014-8132 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8132): Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.
I guess I'm waiting for KDE people to give an OK.
(In reply to Jeroen Roovers from comment #2)
> I guess I'm waiting for KDE people to give an OK.
Arches please stabilize =net-libs/libssh-0.6.4.
amd64 stable
x86 stable
ppc stable
ppc64 stable. Maintainer(s), please cleanup. Security, please vote.
Thanks all. Cleanup done by Jeroen. Removing kde herd from cc here as there is nothing to do for us anymore. + + 18 Feb 2015; Jeroen Roovers <jer@gentoo.org> -libssh-0.6.3.ebuild, + -libssh-0.6.3-r1.ebuild: + Old. +
Maintainer(s), Thank you for cleanup! Security Please Vote. First Vote: Yes
YES too, request filed.
This issue was resolved and addressed in GLSA 201606-12 at https://security.gentoo.org/glsa/201606-12 by GLSA coordinator Aaron Bauman (b-man).