Description: "nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse." Patch: https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad
amd64 stable
arm stable
ia64 stable
ppc stable
ppc64 stable
sparc stable
x86 stable
hppa stable
@maintainer(s), please cleanup!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2a61b415291233346e34da87702c2c3c292d3bdf commit 2a61b415291233346e34da87702c2c3c292d3bdf Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2020-03-25 19:15:14 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2020-03-25 19:15:14 +0000 net-analyzer/nmap: security cleanup (bug #711308) Bug: https://bugs.gentoo.org/711308 Package-Manager: Portage-2.3.94, Repoman-2.3.21 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> net-analyzer/nmap/Manifest | 1 - net-analyzer/nmap/nmap-7.70-r1.ebuild | 195 ---------------------------------- 2 files changed, 196 deletions(-)
GLSA Vote: No Repository is clean, all done!