1 comment

[ 3.2 ms ] story [ 13.5 ms ] thread
Also at - https://www.libssh.org/security/advisories/CVE-2016-0739.txt

CVE-2016-0739 libssh: Diffie-Hellman bits/bytes confusion bug https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0739

CVE-2016-0787 libssh2: Diffie-Hellman bits/bytes confusion bug https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0787

Fixed Versions (Debian) libssh:

  squeeze	0.4.5-3+squeeze3
  wheezy	0.5.4-1+deb7u3
  jessie	0.6.3-4+deb8u2
libssh2:

  squeeze	1.2.6-1+deb6u2
  wheezy	1.4.2-1.1+deb7u2
  jessie	1.4.3-4.1+deb8u1
Find your version (libssh2) with:

  dpkg -l libssh2-1