SUSE-SU-2024:0558-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20240558-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0558-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:0558-1
Related
Published
2024-02-20T16:34:49Z
Modified
2024-02-20T16:34:49Z
Summary
Security update for libssh2_org
Details

This update for libssh2_org fixes the following issues:

  • Always add the KEX pseudo-methods 'ext-info-c' and 'kex-strict-c-v00@openssh.com' when configuring custom method list. [bsc#1218971, CVE-2023-48795]

    • The strict-kex extension is announced in the list of available KEX methods. However, when the default KEX method list is modified or replaced, the extension is not added back automatically.
References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.5 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP5 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP2-LTSS / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP3-LTSS / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP4-LTSS / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP2 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP4 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Manager Proxy 4.3 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Manager%20Proxy%204.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Manager Server 4.3 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Manager%20Server%204.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Enterprise Storage 7.1 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=SUSE%20Enterprise%20Storage%207.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

openSUSE:Leap Micro 5.3 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=openSUSE%20Leap%20Micro%205.3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

openSUSE:Leap Micro 5.4 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=openSUSE%20Leap%20Micro%205.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

openSUSE:Leap 15.5 / libssh2_org

Package

Name
libssh2_org
Purl
purl:rpm/suse/libssh2_org&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}