USN-1640-1: libssh vulnerabilities
26 November 2012
linssh could be made to crash or run programs if it received specially crafted network traffic.
- libssh - A tiny C SSH library
Xi Wang and Florian Weimer discovered that libssh incorrectly handled
memory. A remote attacker could use this to cause libssh to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562)
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.