[Apollo] Advisories Statistics light light Login

RLSA-2024:0628

Security Mirrored from RHSA-2024:0628
Issued at: 2024-02-12
Updated at: 2024-02-12

Synopsis

Moderate: libssh security update



Description

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.

Security Fix(es):

* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64

Fixes

2254210

CVEs

CVE-2023-48795

Affected packages

Rocky Linux 8 aarch64 - BaseOS

libssh-0:0.9.6-13.el8_9.aarch64.rpm libssh-0:0.9.6-13.el8_9.src.rpm libssh-config-0:0.9.6-13.el8_9.noarch.rpm libssh-debuginfo-0:0.9.6-13.el8_9.aarch64.rpm libssh-debugsource-0:0.9.6-13.el8_9.aarch64.rpm

Rocky Linux 8 aarch64 - AppStream

libssh-devel-0:0.9.6-13.el8_9.aarch64.rpm