[CLSA-2026:1777445542] libssh2: Fix of 2 CVEs
Type:
security
Severity:
Critical
Release date:
2026-04-29 06:52:32 UTC
Description:
- CVE-2019-3858: fix zero-byte allocation in sftp_packet_read() - CVE-2019-3859: fix out-of-bounds reads in _libssh2_packet_require
Updated packages:
  • libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els2.i686.rpm
    sha:a6e7c8aa00d948392345e197094acec58892b8492a86be47aac1e99f20c7f048
  • libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els2.x86_64.rpm
    sha:bf200532704adcaa0469cce650e608690ad2d6b9052d4338b9adc23f6b8fa152
  • libssh2-devel-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els2.i686.rpm
    sha:23325c5368e6aea1cc343cb3bdca488d24531aff115ccc25fdd6f6c3a4468b28
  • libssh2-devel-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els2.x86_64.rpm
    sha:6e63b63b322c88950cb8217b7f0a813faf4dc872150eb00ea327e3620a091ac6
  • libssh2-docs-1.4.2-3.0.1.el6_10.1.tuxcare.ol.els2.x86_64.rpm
    sha:d48357e26c7732edaa3aa1f601b61f3f6b0a15e688f0096cb0d76c8c5424b3b2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.