libssh 0.9.4 has a NULL pointer dereference in tftpserver.c if ssh_buffer_new returns NULL.
Patches are at URL. Looks like it wasn't merged from the merge request but just a series of commits:
Upstream told me that it's safe to wait for the upcoming release (which they planned to release in about a month).
(In reply to Lars Wendler (Polynomial-C) from comment #1)
> Upstream told me that it's safe to wait for the upcoming release (which they
> planned to release in about a month).
Thanks. Tell us when it's ready to stable.
hppa stable. Last arch, closing.
Sorry, not my day.
(In reply to Rolf Eike Beer from comment #13)
> Sorry, not my day.
No worries. :)
The bug has been referenced in the following commit(s):
Author: Andreas Sturmlechner <email@example.com>
AuthorDate: 2020-10-15 19:00:53 +0000
Commit: Andreas Sturmlechner <firstname.lastname@example.org>
CommitDate: 2020-10-15 19:00:53 +0000
net-libs/libssh: Cleanup vulnerable 0.9.4
Package-Manager: Portage-3.0.8, Repoman-3.0.1
Signed-off-by: Andreas Sturmlechner <email@example.com>
net-libs/libssh/Manifest | 1 -
net-libs/libssh/libssh-0.9.4.ebuild | 119 ------------------------------------
2 files changed, 120 deletions(-)
This issue was resolved and addressed in
GLSA 202011-05 at https://security.gentoo.org/glsa/202011-05
by GLSA coordinator Sam James (sam_c).