Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a00c57fe by Salvatore Bonaccorso at 2026-02-11T18:12:37+01:00 Add details on libssh issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,22 +1,21 @@ CVE-2026-0968 [Denial of Service due to malformed SFTP message] - - libssh <undetermined> - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2436982 + - libssh <unfixed> + NOTE: https://www.libssh.org/security/advisories/CVE-2026-0968.txt CVE-2026-0967 [Denial of Service via inefficient regular expression processing] - - libssh <undetermined> - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2436981 + - libssh <unfixed> + NOTE: https://www.libssh.org/security/advisories/CVE-2026-0967.txt CVE-2026-0966 [Buffer underflow in ssh_get_hexa() on invalid input] - - libssh <undetermined> - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2433121 + - libssh <unfixed> + NOTE: https://www.libssh.org/security/advisories/CVE-2026-0966.txt CVE-2026-0965 [Denial of Service via improper configuration file handling] - - libssh <undetermined> - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2436980 + - libssh <unfixed> + NOTE: https://www.libssh.org/security/advisories/CVE-2026-0965.txt CVE-2026-0964 [Improper sanitation of paths received from SCP servers] - - libssh <undetermined> - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2436979 + - libssh <unfixed> + NOTE: https://www.libssh.org/security/advisories/CVE-2026-0964.txt CVE-2025-14821 [Insecure default configuration leads to local man-in-the-middle attacks on Windows] - - libssh <undetermined> - NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2423148 - TODO: appears to be only relevant on Windows systems + - libssh <not-affected> (Only affects libssh on Windows) + NOTE: https://www.libssh.org/security/advisories/CVE-2025-14821.txt CVE-2026-26044 REJECTED CVE-2026-26043 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a00c57fe1ae55bc993f605c063c943ce8d1473bc -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a00c57fe1ae55bc993f605c063c943ce8d1473bc You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
