A vulnerability was discovered in libssh2 before 1.9.0,
kex.c has an integer overflow that could lead to an out-of-bounds write in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
This is related to an
_libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
This update, to the latest current upstream release 1.9.0, addresses this security issue and also includes a number of other bug fixes and enhancements as described in the package changelog.
sudo dnf upgrade --refresh --advisory=FEDORA-2019-9d85600fc7
Please login to add feedback.