Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-3855 (GCVE-0-2019-3855)
Vulnerability from cvelistv5 – Published: 2019-03-21 20:13 – Updated: 2025-12-17 21:40
VLAI
EPSS
Summary
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
Severity
7.5 (High)
Assigner
References
27 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| The libssh2 Project | libssh2 |
Affected:
1.8.1
|
Date Public
2019-03-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:18.675Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/18/3"
},
{
"name": "20190319 [slackware-security] libssh2 (SSA:2019-077-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Mar/25"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.libssh2.org/CVE-2019-3855.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html"
},
{
"name": "107485",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107485"
},
{
"name": "FEDORA-2019-f31c14682f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767"
},
{
"name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"name": "RHSA-2019:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"name": "openSUSE-SU-2019:1075",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"name": "openSUSE-SU-2019:1109",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
},
{
"name": "FEDORA-2019-3348cb4934",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/"
},
{
"name": "DSA-4431",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"name": "20190415 [SECURITY] [DSA 4431-1] libssh2 security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Apr/25"
},
{
"name": "RHSA-2019:1175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1175"
},
{
"name": "RHSA-2019:1652",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1652"
},
{
"name": "RHSA-2019:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1791"
},
{
"name": "RHSA-2019:1943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1943"
},
{
"name": "FEDORA-2019-9d85600fc7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/"
},
{
"name": "FEDORA-2019-5885663621",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/"
},
{
"name": "RHSA-2019:2399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2399"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT210609"
},
{
"name": "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/Sep/49"
},
{
"name": "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/42"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-3855",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-17T21:39:23.503426Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-17T21:40:11.249Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "libssh2",
"vendor": "The libssh2 Project",
"versions": [
{
"status": "affected",
"version": "1.8.1"
}
]
}
],
"datePublic": "2019-03-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-16T17:41:00.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/03/18/3"
},
{
"name": "20190319 [slackware-security] libssh2 (SSA:2019-077-01)",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Mar/25"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.libssh2.org/CVE-2019-3855.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html"
},
{
"name": "107485",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107485"
},
{
"name": "FEDORA-2019-f31c14682f",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767"
},
{
"name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"name": "RHSA-2019:0679",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"name": "openSUSE-SU-2019:1075",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"name": "openSUSE-SU-2019:1109",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
},
{
"name": "FEDORA-2019-3348cb4934",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/"
},
{
"name": "DSA-4431",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"name": "20190415 [SECURITY] [DSA 4431-1] libssh2 security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Apr/25"
},
{
"name": "RHSA-2019:1175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1175"
},
{
"name": "RHSA-2019:1652",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1652"
},
{
"name": "RHSA-2019:1791",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1791"
},
{
"name": "RHSA-2019:1943",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1943"
},
{
"name": "FEDORA-2019-9d85600fc7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/"
},
{
"name": "FEDORA-2019-5885663621",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/"
},
{
"name": "RHSA-2019:2399",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2399"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT210609"
},
{
"name": "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/Sep/49"
},
{
"name": "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2019/Sep/42"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3855",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libssh2",
"version": {
"version_data": [
{
"version_value": "1.8.1"
}
]
}
}
]
},
"vendor_name": "The libssh2 Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/03/18/3"
},
{
"name": "20190319 [slackware-security] libssh2 (SSA:2019-077-01)",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Mar/25"
},
{
"name": "https://www.libssh2.org/CVE-2019-3855.html",
"refsource": "MISC",
"url": "https://www.libssh2.org/CVE-2019-3855.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855"
},
{
"name": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html"
},
{
"name": "107485",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107485"
},
{
"name": "FEDORA-2019-f31c14682f",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/"
},
{
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767",
"refsource": "CONFIRM",
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767"
},
{
"name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"name": "RHSA-2019:0679",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"name": "openSUSE-SU-2019:1075",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"name": "openSUSE-SU-2019:1109",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
},
{
"name": "FEDORA-2019-3348cb4934",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/"
},
{
"name": "DSA-4431",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"name": "20190415 [SECURITY] [DSA 4431-1] libssh2 security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/25"
},
{
"name": "RHSA-2019:1175",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1175"
},
{
"name": "RHSA-2019:1652",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1652"
},
{
"name": "RHSA-2019:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1791"
},
{
"name": "RHSA-2019:1943",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1943"
},
{
"name": "FEDORA-2019-9d85600fc7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/"
},
{
"name": "FEDORA-2019-5885663621",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/"
},
{
"name": "RHSA-2019:2399",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2399"
},
{
"name": "https://support.apple.com/kb/HT210609",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT210609"
},
{
"name": "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Sep/49"
},
{
"name": "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2019/Sep/42"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-3855",
"datePublished": "2019-03-21T20:13:25.000Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2025-12-17T21:40:11.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-3855",
"date": "2026-05-28",
"epss": "0.16241",
"percentile": "0.94921"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.8.1\", \"matchCriteriaId\": \"23E074D8-B71C-4C02-9383-F419F9C6EFB2\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D100F7CE-FC64-4CC6-852A-6136D72DA419\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E7CF3019-975D-40BB-A8A4-894E62BD3797\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*\", \"matchCriteriaId\": \"3AA08768-75AF-4791-B229-AE938C780959\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B353CE99-D57C-465B-AAB0-73EF581127D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"11.0\", \"matchCriteriaId\": \"8B0ADF4A-CFD7-4719-8713-07E9069169F7\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E1E416B-920B-49A0-9523-382898C2979D\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto un error de desbordamiento de enteros que podr\\u00eda conducir a una escritura fuera de l\\u00edmites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que los paquetes se leen desde el servidor. Un atacante remoto que comprometa un servidor SSH podr\\u00eda ser capaz de ejecutar c\\u00f3digo en el sistema del cliente cuando un usuario se conecta al servidor\"}]",
"id": "CVE-2019-3855",
"lastModified": "2024-11-21T04:42:43.427",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2019-03-21T21:29:00.433",
"references": "[{\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Sep/42\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/03/18/3\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/107485\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0679\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1175\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1652\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1791\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1943\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2399\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Apr/25\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/25\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/49\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190327-0005/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT210609\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4431\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.libssh2.org/CVE-2019-3855.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Sep/42\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/03/18/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/107485\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0679\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1175\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1652\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1791\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1943\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2399\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Apr/25\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/25\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/49\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190327-0005/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.apple.com/kb/HT210609\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4431\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.libssh2.org/CVE-2019-3855.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-190\"}, {\"lang\": \"en\", \"value\": \"CWE-787\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-190\"}, {\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-3855\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2019-03-21T21:29:00.433\",\"lastModified\":\"2024-11-21T04:42:43.427\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un error de desbordamiento de enteros que podr\u00eda conducir a una escritura fuera de l\u00edmites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que los paquetes se leen desde el servidor. Un atacante remoto que comprometa un servidor SSH podr\u00eda ser capaz de ejecutar c\u00f3digo en el sistema del cliente cuando un usuario se conecta al servidor\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.8.1\",\"matchCriteriaId\":\"23E074D8-B71C-4C02-9383-F419F9C6EFB2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D100F7CE-FC64-4CC6-852A-6136D72DA419\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7CF3019-975D-40BB-A8A4-894E62BD3797\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*\",\"matchCriteriaId\":\"3AA08768-75AF-4791-B229-AE938C780959\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BF77CDCF-B9C9-427D-B2BF-36650FB2148C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"11.0\",\"matchCriteriaId\":\"8B0ADF4A-CFD7-4719-8713-07E9069169F7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E416B-920B-49A0-9523-382898C2979D\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Sep/42\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/03/18/3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107485\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0679\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1175\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1652\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1791\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1943\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2399\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://seclists.org/bugtraq/2019/Apr/25\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Mar/25\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/49\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190327-0005/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210609\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4431\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.libssh2.org/CVE-2019-3855.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://seclists.org/fulldisclosure/2019/Sep/42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/03/18/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1175\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1652\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1791\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1943\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2399\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://seclists.org/bugtraq/2019/Apr/25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Mar/25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/49\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190327-0005/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/kb/HT210609\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4431\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.libssh2.org/CVE-2019-3855.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2019/03/18/3\", \"name\": \"[oss-security] 20190318 [SECURITY ADVISORIES] libssh2\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/25\", \"name\": \"20190319 [slackware-security] libssh2 (SSA:2019-077-01)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://www.libssh2.org/CVE-2019-3855.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/107485\", \"name\": \"107485\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/\", \"name\": \"FEDORA-2019-f31c14682f\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html\", \"name\": \"[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190327-0005/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0679\", \"name\": \"RHSA-2019:0679\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html\", \"name\": \"openSUSE-SU-2019:1075\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html\", \"name\": \"openSUSE-SU-2019:1109\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/\", \"name\": \"FEDORA-2019-3348cb4934\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4431\", \"name\": \"DSA-4431\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Apr/25\", \"name\": \"20190415 [SECURITY] [DSA 4431-1] libssh2 security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1175\", \"name\": \"RHSA-2019:1175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1652\", \"name\": \"RHSA-2019:1652\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1791\", \"name\": \"RHSA-2019:1791\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1943\", \"name\": \"RHSA-2019:1943\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/\", \"name\": \"FEDORA-2019-9d85600fc7\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/\", \"name\": \"FEDORA-2019-5885663621\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2399\", \"name\": \"RHSA-2019:2399\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://support.apple.com/kb/HT210609\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/49\", \"name\": \"20190927 APPLE-SA-2019-9-26-7 Xcode 11.0\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\", \"x_transferred\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Sep/42\", \"name\": \"20190927 APPLE-SA-2019-9-26-7 Xcode 11.0\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T19:19:18.675Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-3855\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-17T21:39:23.503426Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-17T21:40:04.668Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_0\": {\"scope\": \"UNCHANGED\", \"version\": \"3.0\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"The libssh2 Project\", \"product\": \"libssh2\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.8.1\"}]}], \"datePublic\": \"2019-03-13T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2019/03/18/3\", \"name\": \"[oss-security] 20190318 [SECURITY ADVISORIES] libssh2\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/25\", \"name\": \"20190319 [slackware-security] libssh2 (SSA:2019-077-01)\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://www.libssh2.org/CVE-2019-3855.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.securityfocus.com/bid/107485\", \"name\": \"107485\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/\", \"name\": \"FEDORA-2019-f31c14682f\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html\", \"name\": \"[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190327-0005/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0679\", \"name\": \"RHSA-2019:0679\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html\", \"name\": \"openSUSE-SU-2019:1075\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html\", \"name\": \"openSUSE-SU-2019:1109\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/\", \"name\": \"FEDORA-2019-3348cb4934\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://www.debian.org/security/2019/dsa-4431\", \"name\": \"DSA-4431\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Apr/25\", \"name\": \"20190415 [SECURITY] [DSA 4431-1] libssh2 security update\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1175\", \"name\": \"RHSA-2019:1175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1652\", \"name\": \"RHSA-2019:1652\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1791\", \"name\": \"RHSA-2019:1791\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1943\", \"name\": \"RHSA-2019:1943\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/\", \"name\": \"FEDORA-2019-9d85600fc7\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/\", \"name\": \"FEDORA-2019-5885663621\", \"tags\": [\"vendor-advisory\", \"x_refsource_FEDORA\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2399\", \"name\": \"RHSA-2019:2399\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://support.apple.com/kb/HT210609\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/49\", \"name\": \"20190927 APPLE-SA-2019-9-26-7 Xcode 11.0\", \"tags\": [\"mailing-list\", \"x_refsource_BUGTRAQ\"]}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Sep/42\", \"name\": \"20190927 APPLE-SA-2019-9-26-7 Xcode 11.0\", \"tags\": [\"mailing-list\", \"x_refsource_FULLDISC\"]}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787\"}]}], \"providerMetadata\": {\"orgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"shortName\": \"redhat\", \"dateUpdated\": \"2019-10-16T17:41:00.000Z\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": [[{\"version\": \"3.0\", \"vectorString\": \"7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\"}]]}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"1.8.1\"}]}, \"product_name\": \"libssh2\"}]}, \"vendor_name\": \"The libssh2 Project\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2019/03/18/3\", \"name\": \"[oss-security] 20190318 [SECURITY ADVISORIES] libssh2\", \"refsource\": \"MLIST\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Mar/25\", \"name\": \"20190319 [slackware-security] libssh2 (SSA:2019-077-01)\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://www.libssh2.org/CVE-2019-3855.html\", \"name\": \"https://www.libssh2.org/CVE-2019-3855.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\", \"name\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\", \"name\": \"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.securityfocus.com/bid/107485\", \"name\": \"107485\", \"refsource\": \"BID\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/\", \"name\": \"FEDORA-2019-f31c14682f\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\", \"name\": \"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html\", \"name\": \"[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update\", \"refsource\": \"MLIST\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190327-0005/\", \"name\": \"https://security.netapp.com/advisory/ntap-20190327-0005/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:0679\", \"name\": \"RHSA-2019:0679\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html\", \"name\": \"openSUSE-SU-2019:1075\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html\", \"name\": \"openSUSE-SU-2019:1109\", \"refsource\": \"SUSE\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/\", \"name\": \"FEDORA-2019-3348cb4934\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://www.debian.org/security/2019/dsa-4431\", \"name\": \"DSA-4431\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Apr/25\", \"name\": \"20190415 [SECURITY] [DSA 4431-1] libssh2 security update\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1175\", \"name\": \"RHSA-2019:1175\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1652\", \"name\": \"RHSA-2019:1652\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1791\", \"name\": \"RHSA-2019:1791\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:1943\", \"name\": \"RHSA-2019:1943\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/\", \"name\": \"FEDORA-2019-9d85600fc7\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/\", \"name\": \"FEDORA-2019-5885663621\", \"refsource\": \"FEDORA\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:2399\", \"name\": \"RHSA-2019:2399\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://support.apple.com/kb/HT210609\", \"name\": \"https://support.apple.com/kb/HT210609\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://seclists.org/bugtraq/2019/Sep/49\", \"name\": \"20190927 APPLE-SA-2019-9-26-7 Xcode 11.0\", \"refsource\": \"BUGTRAQ\"}, {\"url\": \"http://seclists.org/fulldisclosure/2019/Sep/42\", \"name\": \"20190927 APPLE-SA-2019-9-26-7 Xcode 11.0\", \"refsource\": \"FULLDISC\"}, {\"url\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"name\": \"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\", \"refsource\": \"MISC\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-190\"}]}, {\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-787\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2019-3855\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert@redhat.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2019-3855\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-17T21:40:11.249Z\", \"dateReserved\": \"2019-01-03T00:00:00.000Z\", \"assignerOrgId\": \"53f830b8-0a3f-465b-8143-3b8a9948e749\", \"datePublished\": \"2019-03-21T20:13:25.000Z\", \"assignerShortName\": \"redhat\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2019:13997-1
Vulnerability from csaf_suse - Published: 2019-03-29 15:32 - Updated: 2019-03-29 15:32Summary
Security update for libssh2_org
Severity
Moderate
Notes
Title of the patch: Security update for libssh2_org
Description of the patch: This update for libssh2_org fixes the following issues:
Security issues fixed:
- CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490).
- CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492).
- CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481).
- CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes
with specially crafted keyboard responses (bsc#1128493).
- CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write
with specially crafted payload (bsc#1128472).
- CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require
and _libssh2_packet_requirev (bsc#1128480).
- CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially
crafted payload (bsc#1128471).
- CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted
SFTP packet (bsc#1128476).
- CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially
crafted message channel request SSH packet (bsc#1128474).
Other issue addressed:
- Fixed an issue where libssh2 stops parsing known_hosts (bsc#1091236).
Patchnames: sleposp3-libssh2_org-13997
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
4.6 (Medium)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586 | — |
Vendor Fix
|
Threats
Impact
low
References
55 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libssh2_org",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libssh2_org fixes the following issues:\n\nSecurity issues fixed:\t \n\n- CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490).\n- CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492).\n- CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481).\n- CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes \n with specially crafted keyboard responses (bsc#1128493).\n- CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write \n with specially crafted payload (bsc#1128472).\n- CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require \n and _libssh2_packet_requirev (bsc#1128480).\n- CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially \n crafted payload (bsc#1128471).\n- CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted \n SFTP packet (bsc#1128476).\n- CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially \n crafted message channel request SSH packet (bsc#1128474).\n\nOther issue addressed: \n\n- Fixed an issue where libssh2 stops parsing known_hosts (bsc#1091236).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-libssh2_org-13997",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2019_13997-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2019:13997-1",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201913997-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2019:13997-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-March/005271.html"
},
{
"category": "self",
"summary": "SUSE Bug 1091236",
"url": "https://bugzilla.suse.com/1091236"
},
{
"category": "self",
"summary": "SUSE Bug 1128471",
"url": "https://bugzilla.suse.com/1128471"
},
{
"category": "self",
"summary": "SUSE Bug 1128472",
"url": "https://bugzilla.suse.com/1128472"
},
{
"category": "self",
"summary": "SUSE Bug 1128474",
"url": "https://bugzilla.suse.com/1128474"
},
{
"category": "self",
"summary": "SUSE Bug 1128476",
"url": "https://bugzilla.suse.com/1128476"
},
{
"category": "self",
"summary": "SUSE Bug 1128480",
"url": "https://bugzilla.suse.com/1128480"
},
{
"category": "self",
"summary": "SUSE Bug 1128481",
"url": "https://bugzilla.suse.com/1128481"
},
{
"category": "self",
"summary": "SUSE Bug 1128490",
"url": "https://bugzilla.suse.com/1128490"
},
{
"category": "self",
"summary": "SUSE Bug 1128492",
"url": "https://bugzilla.suse.com/1128492"
},
{
"category": "self",
"summary": "SUSE Bug 1128493",
"url": "https://bugzilla.suse.com/1128493"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3855 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3856 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3857 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3858 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3859 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3860 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3861 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3862 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3863 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3863/"
}
],
"title": "Security update for libssh2_org",
"tracking": {
"current_release_date": "2019-03-29T15:32:12Z",
"generator": {
"date": "2019-03-29T15:32:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2019:13997-1",
"initial_release_date": "2019-03-29T15:32:12Z",
"revision_history": [
{
"date": "2019-03-29T15:32:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libssh2-1-1.2.9-4.2.12.5.1.i586",
"product": {
"name": "libssh2-1-1.2.9-4.2.12.5.1.i586",
"product_id": "libssh2-1-1.2.9-4.2.12.5.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.2.9-4.2.12.5.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
},
"product_reference": "libssh2-1-1.2.9-4.2.12.5.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3855"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3855",
"url": "https://www.suse.com/security/cve/CVE-2019-3855"
},
{
"category": "external",
"summary": "SUSE Bug 1128471 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1128471"
},
{
"category": "external",
"summary": "SUSE Bug 1134329 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1134329"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1135434"
},
{
"category": "external",
"summary": "SUSE Bug 1141850 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1141850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3855"
},
{
"cve": "CVE-2019-3856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3856"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3856",
"url": "https://www.suse.com/security/cve/CVE-2019-3856"
},
{
"category": "external",
"summary": "SUSE Bug 1128472 for CVE-2019-3856",
"url": "https://bugzilla.suse.com/1128472"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3856",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3856"
},
{
"cve": "CVE-2019-3857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3857"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3857",
"url": "https://www.suse.com/security/cve/CVE-2019-3857"
},
{
"category": "external",
"summary": "SUSE Bug 1128474 for CVE-2019-3857",
"url": "https://bugzilla.suse.com/1128474"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3857",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3857"
},
{
"cve": "CVE-2019-3858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3858"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3858",
"url": "https://www.suse.com/security/cve/CVE-2019-3858"
},
{
"category": "external",
"summary": "SUSE Bug 1128476 for CVE-2019-3858",
"url": "https://bugzilla.suse.com/1128476"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3858",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "moderate"
}
],
"title": "CVE-2019-3858"
},
{
"cve": "CVE-2019-3859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3859"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3859",
"url": "https://www.suse.com/security/cve/CVE-2019-3859"
},
{
"category": "external",
"summary": "SUSE Bug 1128480 for CVE-2019-3859",
"url": "https://bugzilla.suse.com/1128480"
},
{
"category": "external",
"summary": "SUSE Bug 1130103 for CVE-2019-3859",
"url": "https://bugzilla.suse.com/1130103"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3859",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3859"
},
{
"cve": "CVE-2019-3860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3860"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3860",
"url": "https://www.suse.com/security/cve/CVE-2019-3860"
},
{
"category": "external",
"summary": "SUSE Bug 1128481 for CVE-2019-3860",
"url": "https://bugzilla.suse.com/1128481"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3860",
"url": "https://bugzilla.suse.com/1135434"
},
{
"category": "external",
"summary": "SUSE Bug 1136570 for CVE-2019-3860",
"url": "https://bugzilla.suse.com/1136570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3860"
},
{
"cve": "CVE-2019-3861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3861"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3861",
"url": "https://www.suse.com/security/cve/CVE-2019-3861"
},
{
"category": "external",
"summary": "SUSE Bug 1128490 for CVE-2019-3861",
"url": "https://bugzilla.suse.com/1128490"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3861",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3861"
},
{
"cve": "CVE-2019-3862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3862"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3862",
"url": "https://www.suse.com/security/cve/CVE-2019-3862"
},
{
"category": "external",
"summary": "SUSE Bug 1128492 for CVE-2019-3862",
"url": "https://bugzilla.suse.com/1128492"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3862",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3862"
},
{
"cve": "CVE-2019-3863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3863"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3863",
"url": "https://www.suse.com/security/cve/CVE-2019-3863"
},
{
"category": "external",
"summary": "SUSE Bug 1128493 for CVE-2019-3863",
"url": "https://bugzilla.suse.com/1128493"
},
{
"category": "external",
"summary": "SUSE Bug 1130103 for CVE-2019-3863",
"url": "https://bugzilla.suse.com/1130103"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3863",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:libssh2-1-1.2.9-4.2.12.5.1.i586"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-29T15:32:12Z",
"details": "low"
}
],
"title": "CVE-2019-3863"
}
]
}
SUSE-SU-2020:3551-1
Vulnerability from csaf_suse - Published: 2020-11-27 13:54 - Updated: 2020-11-27 13:54Summary
Security update for libssh2_org
Severity
Moderate
Notes
Title of the patch: Security update for libssh2_org
Description of the patch: This update for libssh2_org fixes the following issues:
- Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922]
Enhancements and bugfixes:
* adds ECDSA keys and host key support when using OpenSSL
* adds ED25519 key and host key support when using OpenSSL 1.1.1
* adds OpenSSH style key file reading
* adds AES CTR mode support when using WinCNG
* adds PEM passphrase protected file support for Libgcrypt and WinCNG
* adds SHA256 hostkey fingerprint
* adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path()
* adds explicit zeroing of sensitive data in memory
* adds additional bounds checks to network buffer reads
* adds the ability to use the server default permissions when creating sftp directories
* adds support for building with OpenSSL no engine flag
* adds support for building with LibreSSL
* increased sftp packet size to 256k
* fixed oversized packet handling in sftp
* fixed building with OpenSSL 1.1
* fixed a possible crash if sftp stat gets an unexpected response
* fixed incorrect parsing of the KEX preference string value
* fixed conditional RSA and AES-CTR support
* fixed a small memory leak during the key exchange process
* fixed a possible memory leak of the ssh banner string
* fixed various small memory leaks in the backends
* fixed possible out of bounds read when parsing public keys from the server
* fixed possible out of bounds read when parsing invalid PEM files
* no longer null terminates the scp remote exec command
* now handle errors when diffie hellman key pair generation fails
* improved building instructions
* improved unit tests
- Version update to 1.8.2: [bsc#1130103]
Bug fixes:
* Fixed the misapplied userauth patch that broke 1.8.1
* moved the MAX size declarations from the public header
Patchnames: SUSE-2020-3551,SUSE-SLE-Module-Basesystem-15-SP1-2020-3551,SUSE-SLE-Module-Basesystem-15-SP2-2020-3551,SUSE-SLE-Product-HPC-15-2020-3551,SUSE-SLE-Product-SLES-15-2020-3551,SUSE-SLE-Product-SLES_SAP-15-2020-3551
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.4 (Medium)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.6 (Medium)
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
42 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
51 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libssh2_org",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libssh2_org fixes the following issues:\n\n- Version update to 1.9.0: [bsc#1178083, jsc#SLE-16922]\n Enhancements and bugfixes:\n * adds ECDSA keys and host key support when using OpenSSL\n * adds ED25519 key and host key support when using OpenSSL 1.1.1\n * adds OpenSSH style key file reading\n * adds AES CTR mode support when using WinCNG\n * adds PEM passphrase protected file support for Libgcrypt and WinCNG\n * adds SHA256 hostkey fingerprint\n * adds libssh2_agent_get_identity_path() and libssh2_agent_set_identity_path()\n * adds explicit zeroing of sensitive data in memory\n * adds additional bounds checks to network buffer reads\n * adds the ability to use the server default permissions when creating sftp directories\n * adds support for building with OpenSSL no engine flag\n * adds support for building with LibreSSL\n * increased sftp packet size to 256k\n * fixed oversized packet handling in sftp\n * fixed building with OpenSSL 1.1\n * fixed a possible crash if sftp stat gets an unexpected response\n * fixed incorrect parsing of the KEX preference string value\n * fixed conditional RSA and AES-CTR support\n * fixed a small memory leak during the key exchange process\n * fixed a possible memory leak of the ssh banner string\n * fixed various small memory leaks in the backends\n * fixed possible out of bounds read when parsing public keys from the server\n * fixed possible out of bounds read when parsing invalid PEM files\n * no longer null terminates the scp remote exec command\n * now handle errors when diffie hellman key pair generation fails\n * improved building instructions\n * improved unit tests\n\n- Version update to 1.8.2: [bsc#1130103]\n Bug fixes:\n * Fixed the misapplied userauth patch that broke 1.8.1\n * moved the MAX size declarations from the public header",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3551,SUSE-SLE-Module-Basesystem-15-SP1-2020-3551,SUSE-SLE-Module-Basesystem-15-SP2-2020-3551,SUSE-SLE-Product-HPC-15-2020-3551,SUSE-SLE-Product-SLES-15-2020-3551,SUSE-SLE-Product-SLES_SAP-15-2020-3551",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3551-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3551-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203551-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3551-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007887.html"
},
{
"category": "self",
"summary": "SUSE Bug 1130103",
"url": "https://bugzilla.suse.com/1130103"
},
{
"category": "self",
"summary": "SUSE Bug 1178083",
"url": "https://bugzilla.suse.com/1178083"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-17498 page",
"url": "https://www.suse.com/security/cve/CVE-2019-17498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3855 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3856 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3857 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3858 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3859 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3860 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3861 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3862 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3863 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3863/"
}
],
"title": "Security update for libssh2_org",
"tracking": {
"current_release_date": "2020-11-27T13:54:59Z",
"generator": {
"date": "2020-11-27T13:54:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3551-1",
"initial_release_date": "2020-11-27T13:54:59Z",
"revision_history": [
{
"date": "2020-11-27T13:54:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libssh2-1-1.9.0-4.13.1.aarch64",
"product": {
"name": "libssh2-1-1.9.0-4.13.1.aarch64",
"product_id": "libssh2-1-1.9.0-4.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "libssh2-devel-1.9.0-4.13.1.aarch64",
"product": {
"name": "libssh2-devel-1.9.0-4.13.1.aarch64",
"product_id": "libssh2-devel-1.9.0-4.13.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh2-1-64bit-1.9.0-4.13.1.aarch64_ilp32",
"product": {
"name": "libssh2-1-64bit-1.9.0-4.13.1.aarch64_ilp32",
"product_id": "libssh2-1-64bit-1.9.0-4.13.1.aarch64_ilp32"
}
}
],
"category": "architecture",
"name": "aarch64_ilp32"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh2-1-1.9.0-4.13.1.i586",
"product": {
"name": "libssh2-1-1.9.0-4.13.1.i586",
"product_id": "libssh2-1-1.9.0-4.13.1.i586"
}
},
{
"category": "product_version",
"name": "libssh2-devel-1.9.0-4.13.1.i586",
"product": {
"name": "libssh2-devel-1.9.0-4.13.1.i586",
"product_id": "libssh2-devel-1.9.0-4.13.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh2-1-1.9.0-4.13.1.ppc64le",
"product": {
"name": "libssh2-1-1.9.0-4.13.1.ppc64le",
"product_id": "libssh2-1-1.9.0-4.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libssh2-devel-1.9.0-4.13.1.ppc64le",
"product": {
"name": "libssh2-devel-1.9.0-4.13.1.ppc64le",
"product_id": "libssh2-devel-1.9.0-4.13.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh2-1-1.9.0-4.13.1.s390x",
"product": {
"name": "libssh2-1-1.9.0-4.13.1.s390x",
"product_id": "libssh2-1-1.9.0-4.13.1.s390x"
}
},
{
"category": "product_version",
"name": "libssh2-devel-1.9.0-4.13.1.s390x",
"product": {
"name": "libssh2-devel-1.9.0-4.13.1.s390x",
"product_id": "libssh2-devel-1.9.0-4.13.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libssh2-1-1.9.0-4.13.1.x86_64",
"product": {
"name": "libssh2-1-1.9.0-4.13.1.x86_64",
"product_id": "libssh2-1-1.9.0-4.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"product": {
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"product_id": "libssh2-1-32bit-1.9.0-4.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "libssh2-devel-1.9.0-4.13.1.x86_64",
"product": {
"name": "libssh2-devel-1.9.0-4.13.1.x86_64",
"product_id": "libssh2-devel-1.9.0-4.13.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.aarch64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS",
"product_id": "SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-1-32bit-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libssh2-devel-1.9.0-4.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
},
"product_reference": "libssh2-devel-1.9.0-4.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-17498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-17498"
}
],
"notes": [
{
"category": "general",
"text": "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-17498",
"url": "https://www.suse.com/security/cve/CVE-2019-17498"
},
{
"category": "external",
"summary": "SUSE Bug 1154862 for CVE-2019-17498",
"url": "https://bugzilla.suse.com/1154862"
},
{
"category": "external",
"summary": "SUSE Bug 1171566 for CVE-2019-17498",
"url": "https://bugzilla.suse.com/1171566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "moderate"
}
],
"title": "CVE-2019-17498"
},
{
"cve": "CVE-2019-3855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3855"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3855",
"url": "https://www.suse.com/security/cve/CVE-2019-3855"
},
{
"category": "external",
"summary": "SUSE Bug 1128471 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1128471"
},
{
"category": "external",
"summary": "SUSE Bug 1134329 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1134329"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1135434"
},
{
"category": "external",
"summary": "SUSE Bug 1141850 for CVE-2019-3855",
"url": "https://bugzilla.suse.com/1141850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3855"
},
{
"cve": "CVE-2019-3856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3856"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3856",
"url": "https://www.suse.com/security/cve/CVE-2019-3856"
},
{
"category": "external",
"summary": "SUSE Bug 1128472 for CVE-2019-3856",
"url": "https://bugzilla.suse.com/1128472"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3856",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3856"
},
{
"cve": "CVE-2019-3857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3857"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3857",
"url": "https://www.suse.com/security/cve/CVE-2019-3857"
},
{
"category": "external",
"summary": "SUSE Bug 1128474 for CVE-2019-3857",
"url": "https://bugzilla.suse.com/1128474"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3857",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3857"
},
{
"cve": "CVE-2019-3858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3858"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3858",
"url": "https://www.suse.com/security/cve/CVE-2019-3858"
},
{
"category": "external",
"summary": "SUSE Bug 1128476 for CVE-2019-3858",
"url": "https://bugzilla.suse.com/1128476"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3858",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "moderate"
}
],
"title": "CVE-2019-3858"
},
{
"cve": "CVE-2019-3859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3859"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3859",
"url": "https://www.suse.com/security/cve/CVE-2019-3859"
},
{
"category": "external",
"summary": "SUSE Bug 1128480 for CVE-2019-3859",
"url": "https://bugzilla.suse.com/1128480"
},
{
"category": "external",
"summary": "SUSE Bug 1130103 for CVE-2019-3859",
"url": "https://bugzilla.suse.com/1130103"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3859",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3859"
},
{
"cve": "CVE-2019-3860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3860"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3860",
"url": "https://www.suse.com/security/cve/CVE-2019-3860"
},
{
"category": "external",
"summary": "SUSE Bug 1128481 for CVE-2019-3860",
"url": "https://bugzilla.suse.com/1128481"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3860",
"url": "https://bugzilla.suse.com/1135434"
},
{
"category": "external",
"summary": "SUSE Bug 1136570 for CVE-2019-3860",
"url": "https://bugzilla.suse.com/1136570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3860"
},
{
"cve": "CVE-2019-3861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3861"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3861",
"url": "https://www.suse.com/security/cve/CVE-2019-3861"
},
{
"category": "external",
"summary": "SUSE Bug 1128490 for CVE-2019-3861",
"url": "https://bugzilla.suse.com/1128490"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3861",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3861"
},
{
"cve": "CVE-2019-3862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3862"
}
],
"notes": [
{
"category": "general",
"text": "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3862",
"url": "https://www.suse.com/security/cve/CVE-2019-3862"
},
{
"category": "external",
"summary": "SUSE Bug 1128492 for CVE-2019-3862",
"url": "https://bugzilla.suse.com/1128492"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3862",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3862"
},
{
"cve": "CVE-2019-3863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3863"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3863",
"url": "https://www.suse.com/security/cve/CVE-2019-3863"
},
{
"category": "external",
"summary": "SUSE Bug 1128493 for CVE-2019-3863",
"url": "https://bugzilla.suse.com/1128493"
},
{
"category": "external",
"summary": "SUSE Bug 1130103 for CVE-2019-3863",
"url": "https://bugzilla.suse.com/1130103"
},
{
"category": "external",
"summary": "SUSE Bug 1135434 for CVE-2019-3863",
"url": "https://bugzilla.suse.com/1135434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-ESPOS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP1:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP2:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.aarch64",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.s390x",
"SUSE Linux Enterprise Server 15-LTSS:libssh2-devel-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-1-32bit-1.9.0-4.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15:libssh2-devel-1.9.0-4.13.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T13:54:59Z",
"details": "low"
}
],
"title": "CVE-2019-3863"
}
]
}
VAR-201903-0388
Vulnerability from variot - Updated: 2024-07-23 21:20An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. libssh2 Contains an integer overflow vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. It can execute remote commands and file transfers, and at the same time provide a secure transmission channel for remote programs. An integer overflow vulnerability exists in libssh2. The vulnerability is caused by the '_libssh2_transport_read()' function not properly checking the packet_length value from the server. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-9-26-7 Xcode 11.0
Xcode 11.0 addresses the following:
IDE SCM Available for: macOS Mojave 10.14.4 and later Impact: Multiple issues in libssh2 Description: Multiple issues were addressed by updating to version 2.16. CVE-2019-3855: Chris Coulson
ld64 Available for: macOS Mojave 10.14.4 and later Impact: Compiling code without proper input validation could lead to arbitrary code execution with user privilege Description: Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool Available for: macOS Mojave 10.14.4 and later Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
-
The version after applying this update will be "11.0". 6) - i386, x86_64
-
Description:
The libssh2 packages provide a library that implements the SSH2 protocol. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
===================================================================== Red Hat Security Advisory
Synopsis: Important: virt:rhel security update Advisory ID: RHSA-2019:1175-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:1175 Issue date: 2019-05-14 CVE Names: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20815 CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3863 CVE-2019-11091 =====================================================================
- Summary:
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
- Description:
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems.
Security Fix(es):
-
A flaw was found in the implementation of the "fill buffer", a mechanism used by modern CPUs when a cache-miss is made on L1 CPU cache. If an attacker can generate a load operation that would create a page fault, the execution will continue speculatively with incorrect data from the fill buffer while the data is fetched from higher level caches. This response time can be measured to infer data in the fill buffer. (CVE-2018-12130)
-
Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off address generation logic into these sub-operations for optimized writes. Both of these sub-operations write to a shared distributed processor structure called the 'processor store buffer'. As a result, an unprivileged attacker could use this flaw to read private data resident within the CPU's processor store buffer. (CVE-2018-12126)
-
Microprocessors use a ‘load port’ subcomponent to perform load operations from memory or IO. During a load operation, the load port receives data from the memory or IO subsystem and then provides the data to the CPU registers and operations in the CPU’s pipelines. Stale load operations results are stored in the 'load port' table until overwritten by newer operations. Certain load-port operations triggered by an attacker can be used to reveal data about previous stale requests leaking data back to the attacker via a timing side-channel. (CVE-2018-12127)
-
Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS) 1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS) 1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS) 1687303 - CVE-2019-3855 libssh2: Integer overflow in transport read resulting in out of bounds write 1687304 - CVE-2019-3856 libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write 1687305 - CVE-2019-3857 libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write 1687313 - CVE-2019-3863 libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes 1693101 - CVE-2018-20815 QEMU: device_tree: heap buffer overflow while loading device tree blob 1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
- Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source: SLOF-20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65.src.rpm hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.src.rpm libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.src.rpm libguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.src.rpm libiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.src.rpm libssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.src.rpm libvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.src.rpm libvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.src.rpm libvirt-python-4.5.0-1.module+el8.0.0+3075+09be6b65.src.rpm nbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.src.rpm netcf-0.2.8-10.module+el8.0.0+3075+09be6b65.src.rpm perl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.src.rpm qemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.src.rpm seabios-1.11.1-3.module+el8.0.0+3075+09be6b65.src.rpm sgabios-0.20170427git-2.module+el8.0.0+3075+09be6b65.src.rpm supermin-5.1.19-8.module+el8.0.0+3075+09be6b65.src.rpm
aarch64: hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm hivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm hivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-benchmarking-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-benchmarking-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm libguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm libiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm libiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm libiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm libiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm libiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm libiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm libssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.aarch64.rpm libssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.aarch64.rpm libssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.aarch64.rpm libvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm libvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm libvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm libvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm libvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm lua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm lua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm nbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm netcf-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm netcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm netcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm netcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm netcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm netcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm perl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm perl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm perl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.aarch64.rpm perl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.aarch64.rpm perl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.aarch64.rpm perl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm perl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm python3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm python3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm python3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm python3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm python3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.aarch64.rpm python3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.aarch64.rpm qemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm qemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm ruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm ruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm ruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm ruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm supermin-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm supermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm supermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm supermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm virt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm virt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm
noarch: SLOF-20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65.noarch.rpm libguestfs-bash-completion-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm libguestfs-inspect-icons-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm libguestfs-javadoc-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm libguestfs-man-pages-ja-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm libguestfs-man-pages-uk-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm libguestfs-tools-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm nbdkit-bash-completion-1.4.2-4.module+el8.0.0+3075+09be6b65.noarch.rpm seabios-bin-1.11.1-3.module+el8.0.0+3075+09be6b65.noarch.rpm seavgabios-bin-1.11.1-3.module+el8.0.0+3075+09be6b65.noarch.rpm sgabios-bin-0.20170427git-2.module+el8.0.0+3075+09be6b65.noarch.rpm
ppc64le: hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm hivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm hivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm libguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm libiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm libiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm libiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm libiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm libiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm libiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm libssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.ppc64le.rpm libssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.ppc64le.rpm libssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.ppc64le.rpm libvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm libvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm libvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm libvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm libvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm lua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm lua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm nbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm netcf-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm netcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm netcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm netcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm netcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm netcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm perl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm perl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm perl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm perl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm perl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm perl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm perl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm python3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm python3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm python3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm python3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm python3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.ppc64le.rpm python3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.ppc64le.rpm qemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm qemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm ruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm ruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm ruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm ruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm supermin-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm supermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm supermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm supermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm virt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm virt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm
s390x: hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm hivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm hivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm libguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm libiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm libiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm libiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm libiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm libiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm libiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm libssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.s390x.rpm libssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.s390x.rpm libssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.s390x.rpm libvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm libvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm libvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm libvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm libvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm lua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm lua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm nbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm netcf-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm netcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm netcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm netcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm netcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm netcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm perl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm perl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm perl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.s390x.rpm perl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.s390x.rpm perl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.s390x.rpm perl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm perl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm python3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm python3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm python3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm python3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm python3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.s390x.rpm python3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.s390x.rpm qemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm qemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm ruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm ruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm ruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm ruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm supermin-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm supermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm supermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm supermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm virt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm virt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm
x86_64: hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm hivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm hivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-benchmarking-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-benchmarking-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm libguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm libiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm libiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm libiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm libiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm libiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm libiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm libssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.x86_64.rpm libssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.x86_64.rpm libssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.x86_64.rpm libvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm libvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm libvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm libvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm libvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm lua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm lua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-vddk-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-vddk-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm nbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm netcf-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm netcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm netcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm netcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm netcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm netcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm perl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm perl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm perl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.x86_64.rpm perl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.x86_64.rpm perl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.x86_64.rpm perl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm perl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm python3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm python3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm python3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm python3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm python3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.x86_64.rpm python3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.x86_64.rpm qemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-gluster-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-gluster-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm qemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm ruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm ruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm ruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm ruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm seabios-1.11.1-3.module+el8.0.0+3075+09be6b65.x86_64.rpm sgabios-0.20170427git-2.module+el8.0.0+3075+09be6b65.x86_64.rpm supermin-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm supermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm supermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm supermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm virt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm virt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm virt-p2v-maker-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm virt-v2v-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm virt-v2v-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2018-12126 https://access.redhat.com/security/cve/CVE-2018-12127 https://access.redhat.com/security/cve/CVE-2018-12130 https://access.redhat.com/security/cve/CVE-2018-20815 https://access.redhat.com/security/cve/CVE-2019-3855 https://access.redhat.com/security/cve/CVE-2019-3856 https://access.redhat.com/security/cve/CVE-2019-3857 https://access.redhat.com/security/cve/CVE-2019-3863 https://access.redhat.com/security/cve/CVE-2019-11091 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXNsFdNzjgjWX9erEAQjf/g/+IPQ7NKuK24reC2hW29G51Nno6oF2bwsO yNTBaVjP5U1cRHhDrvv3V+Pao8Pj4sB3BRJHYgO8KHMj1uJmP72AdAzaPPkJxoDh 42FOaNLkfQkguzreRN+ty+jHaVUumvuqf9HViVrJyvR+cfvV2tF8poGmKoWrEK5s rSOkvp3haP0HzwVN9wSnrlFGU/DrsLyg80+BuJb878ecSPRHiy/6ZuLd/nkO8fnO VKvDlTKEHAOwZWPmBTduGwOPe4J3fB+9chgK6ZcZpnh+lPSonkIfTXA1svbD8Un/ FsC3wxDdHA9wRkwZZquRgaAeDWwYtKe7nMWSiR6USTWAkh8gruf53eW6//A6999Q oI4wHzKQjJbYH9Pvc3AlQj+5nemvnfyBF/V0UijTHbRBxtJvnIsdro2bpgYsF3Mu JD6kMP7l5D51eQ3tNxDdeB49YNctPF0HuGbw7x0CojBhlQW7k10Ul3/LtqEu2Av4 TqAJP3ENBC1C7VT1zGUSfc8neNNQxJzV9Co08w61bNtd4fo29uv0fOvDy+1J+7CT fOzF2slJTOJ/cqwcaR8j/SjKSFUIrHBKEPYWfVybmKLJhfQCmUzWE7sHZJ+9jKkb LDT+GUF9+TE7CNkD95vBlgs8kG3R76ZG5NSxjI1GDOLNNuhqH3/RZh3KNE17ut/r M5otU3RxBZs= =634V -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7.3) - x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4431-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2019 https://www.debian.org/security/faq
Package : libssh2 CVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Debian Bug : 924965
Chris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.
For the stable distribution (stretch), these problems have been fixed in version 1.7.0-1+deb9u1.
We recommend that you upgrade your libssh2 packages
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201903-0388",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "libssh2",
"scope": "lt",
"trust": 1.8,
"vendor": "libssh2",
"version": "1.8.1"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "29"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.57"
},
{
"model": "ontap select deploy administration utility",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "peoplesoft enterprise peopletools",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "8.56"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "8.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "leap",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "42.3"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "28"
},
{
"model": "xcode",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "11.0"
},
{
"model": "fedora",
"scope": "eq",
"trust": 1.0,
"vendor": "fedoraproject",
"version": "30"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "gnu/linux",
"scope": null,
"trust": 0.8,
"vendor": "debian",
"version": null
},
{
"model": "fedora",
"scope": "eq",
"trust": 0.8,
"vendor": "fedora",
"version": "29"
},
{
"model": "ontap select deploy administration utility",
"scope": null,
"trust": 0.8,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "none"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "aus"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "eus"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "tus"
},
{
"model": "enterprise linux workstation",
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "11.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Chris Coulson of Canonical Ltd.,Slackware Security Team",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
}
],
"trust": 0.6
},
"cve": "CVE-2019-3855",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-3855",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-155290",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"author": "secalert@redhat.com",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-3855",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-3855",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "secalert@redhat.com",
"id": "CVE-2019-3855",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201903-634",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-155290",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-3855",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155290"
},
{
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
},
{
"db": "NVD",
"id": "CVE-2019-3855"
},
{
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. libssh2 Contains an integer overflow vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. It can execute remote commands and file transfers, and at the same time provide a secure transmission channel for remote programs. An integer overflow vulnerability exists in libssh2. The vulnerability is caused by the \u0027_libssh2_transport_read()\u0027 function not properly checking the packet_length value from the server. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-9-26-7 Xcode 11.0\n\nXcode 11.0 addresses the following:\n\nIDE SCM\nAvailable for: macOS Mojave 10.14.4 and later\nImpact: Multiple issues in libssh2\nDescription: Multiple issues were addressed by updating to version\n2.16. \nCVE-2019-3855: Chris Coulson\n\nld64\nAvailable for: macOS Mojave 10.14.4 and later\nImpact: Compiling code without proper input validation could lead to\narbitrary code execution with user privilege\nDescription: Multiple issues in ld64 in the Xcode toolchains were\naddressed by updating to version ld64-507.4. \nCVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team\nCVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team\nCVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team\nCVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team\n\notool\nAvailable for: macOS Mojave 10.14.4 and later\nImpact: Processing a maliciously crafted file may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team\nCVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team\n\nInstallation note:\n\nXcode 11.0 may be obtained from:\n\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"11.0\". 6) - i386, x86_64\n\n3. Description:\n\nThe libssh2 packages provide a library that implements the SSH2 protocol. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: virt:rhel security update\nAdvisory ID: RHSA-2019:1175-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:1175\nIssue date: 2019-05-14\nCVE Names: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 \n CVE-2018-20815 CVE-2019-3855 CVE-2019-3856 \n CVE-2019-3857 CVE-2019-3863 CVE-2019-11091 \n=====================================================================\n\n1. Summary:\n\nAn update for the virt:rhel module is now available for Red Hat Enterprise\nLinux 8. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64\n\n3. Description:\n\nKernel-based Virtual Machine (KVM) offers a full virtualization solution\nfor Linux on numerous hardware platforms. The virt:rhel module contains\npackages which provide user-space components used to run virtual machines\nusing KVM. The packages also provide APIs for managing and interacting with\nthe virtualized systems. \n\nSecurity Fix(es):\n\n* A flaw was found in the implementation of the \"fill buffer\", a mechanism\nused by modern CPUs when a cache-miss is made on L1 CPU cache. If an\nattacker can generate a load operation that would create a page fault, the\nexecution will continue speculatively with incorrect data from the fill\nbuffer while the data is fetched from higher level caches. This response\ntime can be measured to infer data in the fill buffer. (CVE-2018-12130)\n\n* Modern Intel microprocessors implement hardware-level micro-optimizations\nto improve the performance of writing data back to CPU caches. The write\noperation is split into STA (STore Address) and STD (STore Data)\nsub-operations. These sub-operations allow the processor to hand-off\naddress generation logic into these sub-operations for optimized writes. \nBoth of these sub-operations write to a shared distributed processor\nstructure called the \u0027processor store buffer\u0027. As a result, an\nunprivileged attacker could use this flaw to read private data resident\nwithin the CPU\u0027s processor store buffer. (CVE-2018-12126)\n\n* Microprocessors use a \u2018load port\u2019 subcomponent to perform load operations\nfrom memory or IO. During a load operation, the load port receives data\nfrom the memory or IO subsystem and then provides the data to the CPU\nregisters and operations in the CPU\u2019s pipelines. Stale load operations\nresults are stored in the \u0027load port\u0027 table until overwritten by newer\noperations. Certain load-port operations triggered by an attacker can be\nused to reveal data about previous stale requests leaking data back to the\nattacker via a timing side-channel. (CVE-2018-12127)\n\n* Uncacheable memory on some microprocessors utilizing speculative\nexecution may allow an authenticated user to potentially enable information\ndisclosure via a side channel with local access. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1646781 - CVE-2018-12126 hardware: Microarchitectural Store Buffer Data Sampling (MSBDS)\n1646784 - CVE-2018-12130 hardware: Microarchitectural Fill Buffer Data Sampling (MFBDS)\n1667782 - CVE-2018-12127 hardware: Micro-architectural Load Port Data Sampling - Information Leak (MLPDS)\n1687303 - CVE-2019-3855 libssh2: Integer overflow in transport read resulting in out of bounds write\n1687304 - CVE-2019-3856 libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write\n1687305 - CVE-2019-3857 libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write\n1687313 - CVE-2019-3863 libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes\n1693101 - CVE-2018-20815 QEMU: device_tree: heap buffer overflow while loading device tree blob\n1705312 - CVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)\n\n6. Package List:\n\nRed Hat Enterprise Linux AppStream (v. 8):\n\nSource:\nSLOF-20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65.src.rpm\nhivex-1.3.15-6.module+el8.0.0+3075+09be6b65.src.rpm\nlibguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.src.rpm\nlibguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.src.rpm\nlibiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.src.rpm\nlibssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.src.rpm\nlibvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.src.rpm\nlibvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.src.rpm\nlibvirt-python-4.5.0-1.module+el8.0.0+3075+09be6b65.src.rpm\nnbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.src.rpm\nnetcf-0.2.8-10.module+el8.0.0+3075+09be6b65.src.rpm\nperl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.src.rpm\nqemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.src.rpm\nseabios-1.11.1-3.module+el8.0.0+3075+09be6b65.src.rpm\nsgabios-0.20170427git-2.module+el8.0.0+3075+09be6b65.src.rpm\nsupermin-5.1.19-8.module+el8.0.0+3075+09be6b65.src.rpm\n\naarch64:\nhivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nhivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nhivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nhivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-benchmarking-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-benchmarking-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.aarch64.rpm\nlibssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.aarch64.rpm\nlibssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.aarch64.rpm\nlibvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlibvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlibvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.aarch64.rpm\nlua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nlua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnetcf-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnetcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnetcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnetcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnetcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nnetcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nperl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nperl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nperl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nperl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nperl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.aarch64.rpm\nperl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nperl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\npython3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\npython3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\npython3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\npython3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\npython3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.aarch64.rpm\npython3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.aarch64.rpm\nqemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nqemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.aarch64.rpm\nruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.aarch64.rpm\nruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nsupermin-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm\nsupermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm\nsupermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm\nsupermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.aarch64.rpm\nvirt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\nvirt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.aarch64.rpm\n\nnoarch:\nSLOF-20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65.noarch.rpm\nlibguestfs-bash-completion-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm\nlibguestfs-inspect-icons-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm\nlibguestfs-javadoc-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm\nlibguestfs-man-pages-ja-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm\nlibguestfs-man-pages-uk-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm\nlibguestfs-tools-1.38.4-10.module+el8.0.0+3075+09be6b65.noarch.rpm\nnbdkit-bash-completion-1.4.2-4.module+el8.0.0+3075+09be6b65.noarch.rpm\nseabios-bin-1.11.1-3.module+el8.0.0+3075+09be6b65.noarch.rpm\nseavgabios-bin-1.11.1-3.module+el8.0.0+3075+09be6b65.noarch.rpm\nsgabios-bin-0.20170427git-2.module+el8.0.0+3075+09be6b65.noarch.rpm\n\nppc64le:\nhivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nhivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nhivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nhivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.ppc64le.rpm\nlibssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.ppc64le.rpm\nlibssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.ppc64le.rpm\nlibvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlibvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlibvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.ppc64le.rpm\nlua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nlua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnetcf-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnetcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnetcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnetcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnetcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nnetcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nperl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nperl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nperl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nperl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nperl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nperl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nperl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\npython3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\npython3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\npython3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\npython3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\npython3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.ppc64le.rpm\npython3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nqemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nqemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.ppc64le.rpm\nruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nsupermin-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nsupermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nsupermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nsupermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nvirt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\nvirt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.ppc64le.rpm\n\ns390x:\nhivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nhivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nhivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nhivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.s390x.rpm\nlibssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.s390x.rpm\nlibssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.s390x.rpm\nlibvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.s390x.rpm\nlibvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlibvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.s390x.rpm\nlua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nlua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nnetcf-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nnetcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nnetcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nnetcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nnetcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nnetcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nperl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nperl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nperl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nperl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nperl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.s390x.rpm\nperl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nperl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\npython3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\npython3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\npython3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\npython3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\npython3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.s390x.rpm\npython3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.s390x.rpm\nqemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nqemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.s390x.rpm\nruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.s390x.rpm\nruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nsupermin-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm\nsupermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm\nsupermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm\nsupermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.s390x.rpm\nvirt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\nvirt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.s390x.rpm\n\nx86_64:\nhivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nhivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nhivex-debugsource-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nhivex-devel-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-benchmarking-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-benchmarking-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-debugsource-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-gfs2-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-gobject-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-gobject-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-gobject-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-java-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-java-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-java-devel-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-rescue-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-rsync-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-tools-c-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-tools-c-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-winsupport-8.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibguestfs-xfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibiscsi-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibiscsi-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibiscsi-debugsource-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibiscsi-devel-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibiscsi-utils-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibiscsi-utils-debuginfo-1.18.0-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibssh2-1.8.0-7.module+el8.0.0+3075+09be6b65.1.x86_64.rpm\nlibssh2-debuginfo-1.8.0-7.module+el8.0.0+3075+09be6b65.1.x86_64.rpm\nlibssh2-debugsource-1.8.0-7.module+el8.0.0+3075+09be6b65.1.x86_64.rpm\nlibvirt-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-admin-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-admin-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-bash-completion-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-client-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-client-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-config-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-config-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-interface-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-interface-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-network-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-network-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-nodedev-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-nodedev-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-nwfilter-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-nwfilter-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-qemu-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-qemu-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-secret-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-secret-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-core-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-core-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-disk-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-disk-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-gluster-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-gluster-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-iscsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-iscsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-logical-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-logical-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-mpath-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-mpath-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-rbd-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-rbd-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-scsi-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-driver-storage-scsi-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-daemon-kvm-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-dbus-1.2.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibvirt-dbus-debuginfo-1.2.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibvirt-dbus-debugsource-1.2.0-2.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlibvirt-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-debugsource-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-devel-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-docs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-libs-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-libs-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-lock-sanlock-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-lock-sanlock-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-nss-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlibvirt-nss-debuginfo-4.5.0-23.1.module+el8.0.0+3151+3ba813f9.x86_64.rpm\nlua-guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nlua-guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-basic-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-basic-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-debugsource-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-devel-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-example-plugins-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-example-plugins-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-gzip-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-gzip-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-python-common-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-python3-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-python3-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-vddk-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-vddk-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-xz-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnbdkit-plugin-xz-debuginfo-1.4.2-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnetcf-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnetcf-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnetcf-debugsource-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnetcf-devel-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnetcf-libs-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nnetcf-libs-debuginfo-0.2.8-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nperl-Sys-Guestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nperl-Sys-Guestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nperl-Sys-Virt-4.5.0-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nperl-Sys-Virt-debuginfo-4.5.0-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nperl-Sys-Virt-debugsource-4.5.0-4.module+el8.0.0+3075+09be6b65.x86_64.rpm\nperl-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nperl-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\npython3-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\npython3-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\npython3-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\npython3-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\npython3-libvirt-4.5.0-1.module+el8.0.0+3075+09be6b65.x86_64.rpm\npython3-libvirt-debuginfo-4.5.0-1.module+el8.0.0+3075+09be6b65.x86_64.rpm\nqemu-guest-agent-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-guest-agent-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-img-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-img-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-curl-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-curl-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-gluster-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-gluster-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-iscsi-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-iscsi-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-rbd-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-rbd-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-ssh-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-block-ssh-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-common-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-common-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-core-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-core-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-debuginfo-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nqemu-kvm-debugsource-2.12.0-64.module+el8.0.0+3180+d6a3561d.2.x86_64.rpm\nruby-hivex-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nruby-hivex-debuginfo-1.3.15-6.module+el8.0.0+3075+09be6b65.x86_64.rpm\nruby-libguestfs-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nruby-libguestfs-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nseabios-1.11.1-3.module+el8.0.0+3075+09be6b65.x86_64.rpm\nsgabios-0.20170427git-2.module+el8.0.0+3075+09be6b65.x86_64.rpm\nsupermin-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm\nsupermin-debuginfo-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm\nsupermin-debugsource-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm\nsupermin-devel-5.1.19-8.module+el8.0.0+3075+09be6b65.x86_64.rpm\nvirt-dib-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nvirt-dib-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nvirt-p2v-maker-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nvirt-v2v-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\nvirt-v2v-debuginfo-1.38.4-10.module+el8.0.0+3075+09be6b65.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2018-12126\nhttps://access.redhat.com/security/cve/CVE-2018-12127\nhttps://access.redhat.com/security/cve/CVE-2018-12130\nhttps://access.redhat.com/security/cve/CVE-2018-20815\nhttps://access.redhat.com/security/cve/CVE-2019-3855\nhttps://access.redhat.com/security/cve/CVE-2019-3856\nhttps://access.redhat.com/security/cve/CVE-2019-3857\nhttps://access.redhat.com/security/cve/CVE-2019-3863\nhttps://access.redhat.com/security/cve/CVE-2019-11091\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXNsFdNzjgjWX9erEAQjf/g/+IPQ7NKuK24reC2hW29G51Nno6oF2bwsO\nyNTBaVjP5U1cRHhDrvv3V+Pao8Pj4sB3BRJHYgO8KHMj1uJmP72AdAzaPPkJxoDh\n42FOaNLkfQkguzreRN+ty+jHaVUumvuqf9HViVrJyvR+cfvV2tF8poGmKoWrEK5s\nrSOkvp3haP0HzwVN9wSnrlFGU/DrsLyg80+BuJb878ecSPRHiy/6ZuLd/nkO8fnO\nVKvDlTKEHAOwZWPmBTduGwOPe4J3fB+9chgK6ZcZpnh+lPSonkIfTXA1svbD8Un/\nFsC3wxDdHA9wRkwZZquRgaAeDWwYtKe7nMWSiR6USTWAkh8gruf53eW6//A6999Q\noI4wHzKQjJbYH9Pvc3AlQj+5nemvnfyBF/V0UijTHbRBxtJvnIsdro2bpgYsF3Mu\nJD6kMP7l5D51eQ3tNxDdeB49YNctPF0HuGbw7x0CojBhlQW7k10Ul3/LtqEu2Av4\nTqAJP3ENBC1C7VT1zGUSfc8neNNQxJzV9Co08w61bNtd4fo29uv0fOvDy+1J+7CT\nfOzF2slJTOJ/cqwcaR8j/SjKSFUIrHBKEPYWfVybmKLJhfQCmUzWE7sHZJ+9jKkb\nLDT+GUF9+TE7CNkD95vBlgs8kG3R76ZG5NSxjI1GDOLNNuhqH3/RZh3KNE17ut/r\nM5otU3RxBZs=\n=634V\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7.3) - x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4431-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 13, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libssh2\nCVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858\n CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862\n CVE-2019-3863\nDebian Bug : 924965\n\nChris Coulson discovered several vulnerabilities in libssh2, a SSH2\nclient-side library, which could result in denial of service,\ninformation leaks or the execution of arbitrary code. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.7.0-1+deb9u1. \n\nWe recommend that you upgrade your libssh2 packages",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3855"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "VULHUB",
"id": "VHN-155290"
},
{
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"db": "PACKETSTORM",
"id": "154655"
},
{
"db": "PACKETSTORM",
"id": "153510"
},
{
"db": "PACKETSTORM",
"id": "152874"
},
{
"db": "PACKETSTORM",
"id": "153969"
},
{
"db": "PACKETSTORM",
"id": "153654"
},
{
"db": "PACKETSTORM",
"id": "153811"
},
{
"db": "PACKETSTORM",
"id": "152509"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-3855",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "152136",
"trust": 1.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2019/03/18/3",
"trust": 1.8
},
{
"db": "BID",
"id": "107485",
"trust": 1.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201903-634",
"trust": 0.7
},
{
"db": "AUSCERT",
"id": "ESB-2019.4341",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.2340",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2021.4083",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.1274",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.4479.2",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0911",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.4226",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0996",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.0894",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "152509",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "153654",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "154655",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "153510",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "153969",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "153811",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "152282",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-155290",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2019-3855",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "152874",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155290"
},
{
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "PACKETSTORM",
"id": "154655"
},
{
"db": "PACKETSTORM",
"id": "153510"
},
{
"db": "PACKETSTORM",
"id": "152874"
},
{
"db": "PACKETSTORM",
"id": "153969"
},
{
"db": "PACKETSTORM",
"id": "153654"
},
{
"db": "PACKETSTORM",
"id": "153811"
},
{
"db": "PACKETSTORM",
"id": "152509"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
},
{
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"id": "VAR-201903-0388",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-155290"
}
],
"trust": 0.01
},
"last_update_date": "2024-07-23T21:20:42.429000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[SECURITY] [DLA 1730-1] libssh2 security update",
"trust": 0.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"
},
{
"title": "DSA-4431",
"trust": 0.8,
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"title": "FEDORA-2019-f31c14682f",
"trust": 0.8,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xcwea5zclkrduk62qvvymfwlwkopx3lo/"
},
{
"title": "Possible integer overflow in transport read allows out-of-bounds write",
"trust": 0.8,
"url": "https://www.libssh2.org/cve-2019-3855.html"
},
{
"title": "NTAP-20190327-0005",
"trust": 0.8,
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"title": "Bug 1687303",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-3855"
},
{
"title": "RHSA-2019:0679",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2019:0679"
},
{
"title": "libssh2 Fixes for digital error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90196"
},
{
"title": "Red Hat: Important: libssh2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191652 - security advisory"
},
{
"title": "Red Hat: Important: libssh2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191791 - security advisory"
},
{
"title": "Red Hat: Important: libssh2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20192399 - security advisory"
},
{
"title": "Red Hat: Important: libssh2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20190679 - security advisory"
},
{
"title": "Red Hat: Important: libssh2 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191943 - security advisory"
},
{
"title": "Debian CVElist Bug Report Logs: libssh2: CVE-2019-13115",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=fae8ca9a607a0d36a41864075e4d1739"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2019-3855"
},
{
"title": "Red Hat: Important: virt:rhel security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20191175 - security advisory"
},
{
"title": "Amazon Linux AMI: ALAS-2019-1254",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2019-1254"
},
{
"title": "Amazon Linux 2: ALAS2-2019-1199",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2\u0026qid=alas2-2019-1199"
},
{
"title": "IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities (CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=90ea192442f00a544f31c35e3585a0e6"
},
{
"title": "Debian CVElist Bug Report Logs: libssh2: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=00191547a456d0cf5c7b101c1774a050"
},
{
"title": "Debian Security Advisories: DSA-4431-1 libssh2 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=32e9048e9588619b2dfacda6369a23ee"
},
{
"title": "IBM: IBM Security Bulletin: IBM QRadar Network Security is affected by multiple libssh2 vulnerabilities (CVE-2019-3863, CVE-2019-3857, CVE-2019-3856, CVE-2019-3855)",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=55b92934c6d6315aa40e8be4ce2a8bf4"
},
{
"title": "IBM: IBM Security Bulletin: Vulnerabiliies in libssh2 affect PowerKVM",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=6e0e5e527a9204c06a52ef667608c6e8"
},
{
"title": "Arch Linux Advisories: [ASA-201903-13] libssh2: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201903-13"
},
{
"title": "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins\u0026qid=b76ca4c2e9a0948d77d969fddc7b121b"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=0cf12ffad0c479958deb0741d0970b4e"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2019",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=767e8ff3a913d6c9b177c63c24420933"
},
{
"title": "IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches \u2013 Release 1801-z",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=4ef3e54cc5cdc194f0526779f9480f89"
},
{
"title": "Fortinet Security Advisories: libssh2 integer overflow and out of bounds read/write vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories\u0026qid=fg-ir-19-099"
},
{
"title": "IBM: IBM Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog\u0026qid=1519a5f830589c3bab8a20f4163374ae"
},
{
"title": "Siemens Security Advisories: Siemens Security Advisory",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories\u0026qid=ec6577109e640dac19a6ddb978afe82d"
},
{
"title": "TrivyWeb",
"trust": 0.1,
"url": "https://github.com/korayagaya/trivyweb "
},
{
"title": "github_aquasecurity_trivy",
"trust": 0.1,
"url": "https://github.com/back8/github_aquasecurity_trivy "
},
{
"title": "trivy",
"trust": 0.1,
"url": "https://github.com/simiyo/trivy "
},
{
"title": "security",
"trust": 0.1,
"url": "https://github.com/umahari/security "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/mohzeela/external-secret "
},
{
"title": "Vulnerability-Scanner-for-Containers",
"trust": 0.1,
"url": "https://github.com/t31m0/vulnerability-scanner-for-containers "
},
{
"title": "trivy",
"trust": 0.1,
"url": "https://github.com/siddharthraopotukuchi/trivy "
},
{
"title": "trivy",
"trust": 0.1,
"url": "https://github.com/aquasecurity/trivy "
},
{
"title": "trivy",
"trust": 0.1,
"url": "https://github.com/knqyf263/trivy "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/developer3000s/poc-in-github "
},
{
"title": "CVE-POC",
"trust": 0.1,
"url": "https://github.com/0xt11/cve-poc "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/nomi-sec/poc-in-github "
},
{
"title": "PoC-in-GitHub",
"trust": 0.1,
"url": "https://github.com/hectorgie/poc-in-github "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-190",
"trust": 1.9
},
{
"problemtype": "CWE-787",
"trust": 1.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155290"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://packetstormsecurity.com/files/152136/slackware-security-advisory-libssh2-updates.html"
},
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/107485"
},
{
"trust": 2.4,
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"trust": 2.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3855"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:1175"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:1652"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:1791"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:1943"
},
{
"trust": 1.9,
"url": "https://access.redhat.com/errata/rhsa-2019:2399"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/mar/25"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/apr/25"
},
{
"trust": 1.8,
"url": "https://seclists.org/bugtraq/2019/sep/49"
},
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-3855"
},
{
"trust": 1.8,
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"trust": 1.8,
"url": "https://support.apple.com/kb/ht210609"
},
{
"trust": 1.8,
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767"
},
{
"trust": 1.8,
"url": "http://seclists.org/fulldisclosure/2019/sep/42"
},
{
"trust": 1.8,
"url": "https://www.libssh2.org/cve-2019-3855.html"
},
{
"trust": 1.8,
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"trust": 1.8,
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"
},
{
"trust": 1.8,
"url": "http://www.openwall.com/lists/oss-security/2019/03/18/3"
},
{
"trust": 1.8,
"url": "https://access.redhat.com/errata/rhsa-2019:0679"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"trust": 1.8,
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xcwea5zclkrduk62qvvymfwlwkopx3lo/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5dk6vo2ceutajfyikwnzkekymyr3no2o/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6lunhpw64igcasz4jq2j5kdxnzn53dww/"
},
{
"trust": 1.1,
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/m7if3lnhoa75o4wzwihjlirma5ljued3/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3855\\"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5dk6vo2ceutajfyikwnzkekymyr3no2o/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/m7if3lnhoa75o4wzwihjlirma5ljued3/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6lunhpw64igcasz4jq2j5kdxnzn53dww/"
},
{
"trust": 0.7,
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xcwea5zclkrduk62qvvymfwlwkopx3lo/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3856"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3857"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3863"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190655-1.html"
},
{
"trust": 0.6,
"url": "https://fortiguard.com/psirt/fg-ir-19-099"
},
{
"trust": 0.6,
"url": "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1115655"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1115643"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1115649"
},
{
"trust": 0.6,
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201913982-1.html"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/6520674"
},
{
"trust": 0.6,
"url": "https://vigilance.fr/vulnerability/libssh2-multiple-vulnerabilities-28768"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/77838"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1120209"
},
{
"trust": 0.6,
"url": "https://support.apple.com/en-us/ht210609"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1116357"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.2340/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.4226/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/support/pages/node/1170634"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/79010"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4341/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/77478"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/77406"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.4479.2/"
},
{
"trust": 0.6,
"url": "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-module-ii-imm2-is-affected-by-multiple-vulnerabilities-in-libssh2/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2021.4083"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-3863"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-3857"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-3856"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2019-3855"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/787.html"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/190.html"
},
{
"trust": 0.1,
"url": "https://tools.cisco.com/security/center/viewalert.x?alertid=59797"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/korayagaya/trivyweb"
},
{
"trust": 0.1,
"url": "https://support.apple.com/kb/ht201222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8724"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8723"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8738"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://developer.apple.com/xcode/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8722"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8721"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-8739"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11091"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20815"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12126"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12127"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12126"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2019-11091"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12130"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-20815"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2018-12127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12130"
},
{
"trust": 0.1,
"url": "https://security-tracker.debian.org/tracker/libssh2"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3859"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3860"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3861"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3862"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3858"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155290"
},
{
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "PACKETSTORM",
"id": "154655"
},
{
"db": "PACKETSTORM",
"id": "153510"
},
{
"db": "PACKETSTORM",
"id": "152874"
},
{
"db": "PACKETSTORM",
"id": "153969"
},
{
"db": "PACKETSTORM",
"id": "153654"
},
{
"db": "PACKETSTORM",
"id": "153811"
},
{
"db": "PACKETSTORM",
"id": "152509"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
},
{
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-155290"
},
{
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"db": "PACKETSTORM",
"id": "154655"
},
{
"db": "PACKETSTORM",
"id": "153510"
},
{
"db": "PACKETSTORM",
"id": "152874"
},
{
"db": "PACKETSTORM",
"id": "153969"
},
{
"db": "PACKETSTORM",
"id": "153654"
},
{
"db": "PACKETSTORM",
"id": "153811"
},
{
"db": "PACKETSTORM",
"id": "152509"
},
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
},
{
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-21T00:00:00",
"db": "VULHUB",
"id": "VHN-155290"
},
{
"date": "2019-03-21T00:00:00",
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"date": "2019-09-29T10:11:11",
"db": "PACKETSTORM",
"id": "154655"
},
{
"date": "2019-07-02T14:08:10",
"db": "PACKETSTORM",
"id": "153510"
},
{
"date": "2019-05-15T14:55:50",
"db": "PACKETSTORM",
"id": "152874"
},
{
"date": "2019-08-07T20:10:33",
"db": "PACKETSTORM",
"id": "153969"
},
{
"date": "2019-07-16T20:10:44",
"db": "PACKETSTORM",
"id": "153654"
},
{
"date": "2019-07-30T18:13:57",
"db": "PACKETSTORM",
"id": "153811"
},
{
"date": "2019-04-15T16:33:02",
"db": "PACKETSTORM",
"id": "152509"
},
{
"date": "2019-03-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-634"
},
{
"date": "2019-03-21T21:29:00.433000",
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2020-10-15T00:00:00",
"db": "VULHUB",
"id": "VHN-155290"
},
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-3855"
},
{
"date": "2019-04-24T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-002832"
},
{
"date": "2021-12-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201903-634"
},
{
"date": "2023-11-07T03:10:14.793000",
"db": "NVD",
"id": "CVE-2019-3855"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "libssh2 Integer overflow vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-002832"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201903-634"
}
],
"trust": 0.6
}
}
WID-SEC-W-2023-1230
Vulnerability from csaf_certbund - Published: 2019-03-18 23:00 - Updated: 2025-01-14 23:00Summary
libssh2: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: libssh2 ist eine C Bibliothek für das Anbieten von SSH2 Diensten auf Client- und Serverseite. Sie kann genutzt werden, um aus der Ferne Programme auszuführen, Dateien zu übertragen oder als sicherer und transparenter Tunnel für entfernte Programme genutzt werden.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libssh2 ausnutzen, um beliebigen Programmcode mit Benutzerrechten auszuführen, Informationen offenzulegen oder einen Denial of Service zu verursachen.
Betroffene Betriebssysteme: - Linux
- UNIX
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgemäßer Speicherbehandlung, was zu Pufferüberläufen sowie zu "Out of Bounds read" und "Out of Bounds write" fehlern führt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuführen, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausführung zu bringen.
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
F5 BIG-IP 15.1.0-15.1.10
F5 / BIG-IP
|
cpe:/a:f5:big-ip:15.1.0_-_15.1.10
|
15.1.0-15.1.10 | |
|
Fortinet FortiOS
Fortinet
|
cpe:/o:fortinet:fortios:-
|
— | |
|
F5 BIG-IP 16.1.0-16.1.5
F5 / BIG-IP
|
cpe:/a:f5:big-ip:16.1.0_-_16.1.5
|
16.1.0-16.1.5 | |
|
Juniper Junos Space <20.1R1
Juniper / Junos Space
|
<20.1R1 | ||
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
Open Source libssh2 <1.8.1
Open Source / libssh2
|
<1.8.1 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
F5 BIG-IP
F5 / BIG-IP
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
F5 BIG-IP 17.1.0-17.1.2
F5 / BIG-IP
|
cpe:/a:f5:big-ip:17.1.0_-_17.1.2
|
17.1.0-17.1.2 | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— |
References
49 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "libssh2 ist eine C Bibliothek f\u00fcr das Anbieten von SSH2 Diensten auf Client- und Serverseite. Sie kann genutzt werden, um aus der Ferne Programme auszuf\u00fchren, Dateien zu \u00fcbertragen oder als sicherer und transparenter Tunnel f\u00fcr entfernte Programme genutzt werden.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in libssh2 ausnutzen, um beliebigen Programmcode mit Benutzerrechten auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1230 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2023-1230.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1230 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1230"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/security.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3855.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3856.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3857.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3858.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3859.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3860.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3861.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3862.html"
},
{
"category": "external",
"summary": "libssh2 Security Advisories vom 2019-03-18",
"url": "https://www.libssh2.org/CVE-2019-3863.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:13982-1 vom 2019-03-19",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201913982-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:0655-1 vom 2019-03-20",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190655-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:0679 vom 2019-03-28",
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-0679 vom 2019-03-28",
"url": "http://linux.oracle.com/errata/ELSA-2019-0679.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:13997-1 vom 2019-03-30",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201913997-1.html"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:0679 vom 2019-04-01",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-0679-Important-CentOS-7-libssh2-Security-Update-tp4645499.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4431 vom 2019-04-13",
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:14032-1 vom 2019-04-27",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914032-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:1060-1 vom 2019-04-27",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191060-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:1059-1 vom 2019-04-27",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191059-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:14031-1 vom 2019-04-27",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914031-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1175 vom 2019-05-15",
"url": "https://access.redhat.com/errata/RHSA-2019:1175"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4693 vom 2019-06-20",
"url": "http://linux.oracle.com/errata/ELSA-2019-4693.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4692 vom 2019-06-21",
"url": "http://linux.oracle.com/errata/ELSA-2019-4692.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:14099-1 vom 2019-06-21",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914099-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:1606-1 vom 2019-06-21",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191606-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:14098-1 vom 2019-06-21",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-201914098-1.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2019-0028 vom 2019-06-24",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-June/000948.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1652 vom 2019-07-02",
"url": "https://access.redhat.com/errata/RHSA-2019:1652"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-1652 vom 2019-07-03",
"url": "http://linux.oracle.com/errata/ELSA-2019-1652.html"
},
{
"category": "external",
"summary": "CentOS-announce CESA-2019:1652 vom 2019-07-03",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1652-Important-CentOS-6-libssh2-Security-Update-td4645589.html"
},
{
"category": "external",
"summary": "Oracle VM Server f\u00fcr x86 Bulletin - Juli 2019",
"url": "https://www.oracle.com/technetwork/topics/security/ovmbulletinjul2019-5600406.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1791 vom 2019-07-16",
"url": "https://access.redhat.com/errata/RHSA-2019:1791"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1884 vom 2019-07-29",
"url": "https://access.redhat.com/errata/RHSA-2019:1884"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-1884 vom 2019-07-30",
"url": "http://linux.oracle.com/errata/ELSA-2019-1884.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1943 vom 2019-07-30",
"url": "https://access.redhat.com/errata/RHSA-2019:1943"
},
{
"category": "external",
"summary": "CentOS Security Advisory CESA-2019:1884 vom 2019-07-31",
"url": "http://centos-announce.2309468.n4.nabble.com/CentOS-announce-CESA-2019-1884-Moderate-CentOS-7-libssh2-Security-Update-tp4645623.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2136 vom 2019-08-06",
"url": "https://access.redhat.com/errata/RHSA-2019:2136"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2399 vom 2019-08-07",
"url": "https://access.redhat.com/errata/RHSA-2019:2399"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:1606-2 vom 2019-08-21",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20191606-2.html"
},
{
"category": "external",
"summary": "FortiGuard Labs PSIRT Advisory FG-IR-19-099 vom 2019-11-15 vom 2019-11-14",
"url": "https://fortiguard.com/psirt/FG-IR-19-099"
},
{
"category": "external",
"summary": "Juniper Security Advisory JSA11023 vom 2020-07-08",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11023"
},
{
"category": "external",
"summary": "F5 Security Advisory K90011301 vom 2020-09-18",
"url": "https://support.f5.com/csp/article/K90011301"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:3551-1 vom 2020-11-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007887.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2046 vom 2023-05-17",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2046.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1756 vom 2023-06-06",
"url": "https://alas.aws.amazon.com/ALAS-2023-1756.html"
},
{
"category": "external",
"summary": "F5 Security Advisory K000149288 vom 2025-01-14",
"url": "https://my.f5.com/manage/s/article/K000149288"
}
],
"source_lang": "en-US",
"title": "libssh2: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-01-14T23:00:00.000+00:00",
"generator": {
"date": "2025-01-15T09:22:49.540+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2023-1230",
"initial_release_date": "2019-03-18T23:00:00.000+00:00",
"revision_history": [
{
"date": "2019-03-18T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2019-03-19T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-03-20T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-03-20T23:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-3348CB4934, FEDORA-2019-F31C14682F"
},
{
"date": "2019-03-21T23:00:00.000+00:00",
"number": "5",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-70A9D4F970"
},
{
"date": "2019-03-28T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2019-03-31T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-04-01T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2019-04-14T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2019-04-28T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-05-15T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-06-20T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-06-23T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-06-24T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2019-07-02T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2019-07-03T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2019-07-16T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2019-07-16T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-07-21T22:00:00.000+00:00",
"number": "19",
"summary": "Referenz(en) aufgenommen: FEDORA-2019-9D85600FC7, FEDORA-2019-5885663621"
},
{
"date": "2019-07-29T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2019-07-30T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-07-31T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von CentOS aufgenommen"
},
{
"date": "2019-08-06T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-08-07T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-08-21T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-11-14T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Fortinet aufgenommen"
},
{
"date": "2020-07-08T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Juniper aufgenommen"
},
{
"date": "2020-09-20T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von F5 aufgenommen"
},
{
"date": "2020-11-29T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-05-16T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-06-06T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von F5 aufgenommen"
}
],
"status": "final",
"version": "32"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
},
{
"category": "product_version",
"name": "15.1.0-15.1.10",
"product": {
"name": "F5 BIG-IP 15.1.0-15.1.10",
"product_id": "T034902",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:15.1.0_-_15.1.10"
}
}
},
{
"category": "product_version",
"name": "16.1.0-16.1.5",
"product": {
"name": "F5 BIG-IP 16.1.0-16.1.5",
"product_id": "T037028",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:16.1.0_-_16.1.5"
}
}
},
{
"category": "product_version",
"name": "17.1.0-17.1.2",
"product": {
"name": "F5 BIG-IP 17.1.0-17.1.2",
"product_id": "T040213",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:17.1.0_-_17.1.2"
}
}
}
],
"category": "product_name",
"name": "BIG-IP"
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Fortinet FortiOS",
"product": {
"name": "Fortinet FortiOS",
"product_id": "T009615",
"product_identification_helper": {
"cpe": "cpe:/o:fortinet:fortios:-"
}
}
}
],
"category": "vendor",
"name": "Fortinet"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c20.1R1",
"product": {
"name": "Juniper Junos Space \u003c20.1R1",
"product_id": "T016874"
}
},
{
"category": "product_version",
"name": "20.1R1",
"product": {
"name": "Juniper Junos Space 20.1R1",
"product_id": "T016874-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:juniper:junos_space:20.1r1"
}
}
}
],
"category": "product_name",
"name": "Junos Space"
}
],
"category": "vendor",
"name": "Juniper"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.8.1",
"product": {
"name": "Open Source libssh2 \u003c1.8.1",
"product_id": "T013792"
}
},
{
"category": "product_version",
"name": "1.8.1",
"product": {
"name": "Open Source libssh2 1.8.1",
"product_id": "T013792-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:libssh2:libssh2:1.8.1"
}
}
}
],
"category": "product_name",
"name": "libssh2"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
},
{
"category": "product_name",
"name": "Oracle VM",
"product": {
"name": "Oracle VM",
"product_id": "T011119",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-3855",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3855"
},
{
"cve": "CVE-2019-3856",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3856"
},
{
"cve": "CVE-2019-3857",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3857"
},
{
"cve": "CVE-2019-3858",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3858"
},
{
"cve": "CVE-2019-3859",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3859"
},
{
"cve": "CVE-2019-3860",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3860"
},
{
"cve": "CVE-2019-3861",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3861"
},
{
"cve": "CVE-2019-3862",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3862"
},
{
"cve": "CVE-2019-3863",
"notes": [
{
"category": "description",
"text": "In libssh2 existieren mehrere Schwachstellen. Diese bestehen aufgrund von unsachgem\u00e4\u00dfer Speicherbehandlung, was zu Puffer\u00fcberl\u00e4ufen sowie zu \"Out of Bounds read\" und \"Out of Bounds write\" fehlern f\u00fchrt. Ein entfernter anonymer kann diese Schwachstellen ausnutzen um Denial of Service Angriffe durchzuf\u00fchren, sowie potentiell Informationen offenzulegen und beliebigen Code mit den Rechten des angegriffenen Nutzers zur Ausf\u00fchrung zu bringen."
}
],
"product_status": {
"known_affected": [
"T011119",
"67646",
"T034902",
"T009615",
"T037028",
"T016874",
"T004914",
"T013792",
"2951",
"T002207",
"T001663",
"398363",
"T040213",
"1727"
]
},
"release_date": "2019-03-18T23:00:00.000+00:00",
"title": "CVE-2019-3863"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…