libssh (0.11.2-1ubuntu0.2) questing-security; urgency=medium

  * SECURITY UPDATE: memory leak in key exchange
    - debian/patches/CVE-2025-8277-1.patch: adjust packet filter to work
      when DH-GEX is guessed wrongly in src/packet.c.
    - debian/patches/CVE-2025-8277-2.patch: fix memory leak of unused
      ephemeral key pair after client's wrong KEX guess in src/dh_crypto.c,
      src/dh_key.c, src/ecdh_crypto.c, src/ecdh_gcrypt.c,
      src/ecdh_mbedcrypto.c.
    - debian/patches/CVE-2025-8277-3.patch: free previously allocated
      pubkeys in src/ecdh_crypto.c, src/ecdh_gcrypt.c.
    - debian/patches/CVE-2025-8277-4.patch: avoid leaking ecdh keys in
      src/ecdh_mbedcrypto.c, src/wrapper.c.
    - CVE-2025-8277
  * SECURITY UPDATE: Improper sanitation of paths received from SCP servers
    - debian/patches/CVE-2026-0964.patch: reject invalid paths received
      through scp in src/scp.c.
    - CVE-2026-0964
  * SECURITY UPDATE: DoS via improper configuration file handling
    - debian/patches/CVE-2026-0965.patch: do not attempt to read
      non-regular and too large configuration files in
      include/libssh/misc.h, include/libssh/priv.h, src/bind_config.c,
      src/config.c, src/dh-gex.c, src/known_hosts.c, src/knownhosts.c,
      src/misc.c, tests/unittests/torture_config.c.
    - CVE-2026-0965
  * SECURITY UPDATE: Buffer underflow in ssh_get_hexa() on invalid input
    - debian/patches/CVE-2026-0966-1.patch: avoid heap buffer underflow in
      ssh_get_hexa in src/misc.c.
    - debian/patches/CVE-2026-0966-2.patch: test coverage for ssh_get_hexa
      in tests/unittests/torture_misc.c.
    - debian/patches/CVE-2026-0966-3.patch: update guided tour to use
      SHA256 fingerprints in doc/guided_tour.dox.
    - CVE-2026-0966
  * SECURITY UPDATE: DoS via inefficient regular expression processing
    - debian/patches/CVE-2026-0967.patch: avoid recursive matching (ReDoS)
      in src/match.c, tests/unittests/torture_config.c.
    - CVE-2026-0967
  * SECURITY UPDATE: DoS due to malformed SFTP message
    - debian/patches/CVE-2026-0968-1.patch: sanitize input handling in
      sftp_parse_longname() in src/sftp_common.c.
    - debian/patches/CVE-2026-0968-2.patch: reproducer for invalid longname
      data in tests/unittests/CMakeLists.txt,
      tests/unittests/torture_unit_sftp.c.
    - CVE-2026-0968

 -- Marc Deslauriers <email address hidden> Fri, 13 Feb 2026 09:11:25 -0500