forked from libssh2/libssh2
-
Notifications
You must be signed in to change notification settings - Fork 0
/
RELEASE-NOTES
29 lines (25 loc) · 1.49 KB
/
RELEASE-NOTES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
libssh2 1.8.1
This release includes the following bugfixes:
o fixed possible integer overflow when reading a specially crafted packet
(https://www.libssh2.org/CVE-2019-3855.html)
o fixed possible integer overflow in userauth_keyboard_interactive with a
number of extremely long prompt strings
(https://www.libssh2.org/CVE-2019-3863.html)
o fixed possible integer overflow if the server sent an extremely large number
of keyboard prompts (https://www.libssh2.org/CVE-2019-3856.html)
o fixed possible out of bounds read when processing a specially crafted packet
(https://www.libssh2.org/CVE-2019-3861.html)
o fixed possible integer overflow when receiving a specially crafted exit
signal message channel packet (https://www.libssh2.org/CVE-2019-3857.html)
o fixed possible out of bounds read when receiving a specially crafted exit
status message channel packet (https://www.libssh2.org/CVE-2019-3862.html)
o fixed possible zero byte allocation when reading a specially crafted SFTP
packet (https://www.libssh2.org/CVE-2019-3858.html)
o fixed possible out of bounds reads when processing specially crafted SFTP
packets (https://www.libssh2.org/CVE-2019-3860.html)
o fixed possible out of bounds reads in _libssh2_packet_require(v)
(https://www.libssh2.org/CVE-2019-3859.html)
This release would not have looked like this without help, code, reports and
advice from friends like these:
Chris Coulson, Michael Buckley, Will Cosgrove, Daniel Stenberg
(4 contributors)