SUSE-SU-2024:0558-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:0558-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2024:0558-1

Related

CVE-2023-48795

Published

2024-02-20T16:34:49Z

Modified

2024-02-20T16:34:49Z

Summary

Security update for libssh2_org

Details

This update for libssh2_org fixes the following issues:

Always add the KEX pseudo-methods 'ext-info-c' and 'kex-strict-c-v00@openssh.com' when configuring custom method list. [bsc#1218971, CVE-2023-48795]
- The strict-kex extension is announced in the list of available KEX methods. However, when the default KEX method list is modified or replaced, the extension is not added back automatically.

References

Affected packages

SUSE:Linux Enterprise Micro 5.3 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.4 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.5 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP5 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP2-LTSS / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP3-LTSS / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP4-LTSS / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP2 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP3 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP4 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Manager Proxy 4.3 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Manager%20Proxy%204.3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Manager Server 4.3 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Manager%20Server%204.3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.1 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Linux Enterprise Micro 5.2 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Linux%20Enterprise%20Micro%205.2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

SUSE:Enterprise Storage 7.1 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=SUSE%20Enterprise%20Storage%207.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1"
        }
    ]
}

openSUSE:Leap Micro 5.3 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=openSUSE%20Leap%20Micro%205.3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

openSUSE:Leap Micro 5.4 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=openSUSE%20Leap%20Micro%205.4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1"
        }
    ]
}

openSUSE:Leap 15.5 / libssh2_org

Package

Name: libssh2_org
Purl: purl:rpm/suse/libssh2_org&distro=openSUSE%20Leap%2015.5

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.11.0-150000.4.25.1

Ecosystem specific

{
    "binaries": [
        {
            "libssh2-1": "1.11.0-150000.4.25.1",
            "libssh2-devel": "1.11.0-150000.4.25.1",
            "libssh2-1-32bit": "1.11.0-150000.4.25.1"
        }
    ]
}