Hacker News new | ask | show | jobs
CVE-2016-0739 – Weakness in diffie-hellman secret key generation in libssh (bugzilla.redhat.com)
5 points by howaboutit 3772 days ago
1 comments
howaboutit 3772 days ago
Also at - https://www.libssh.org/security/advisories/CVE-2016-0739.txt

CVE-2016-0739 libssh: Diffie-Hellman bits/bytes confusion bug https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0739

CVE-2016-0787 libssh2: Diffie-Hellman bits/bytes confusion bug https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0787

Fixed Versions (Debian) libssh:

  squeeze	0.4.5-3+squeeze3
  wheezy	0.5.4-1+deb7u3
  jessie	0.6.3-4+deb8u2
libssh2:

  squeeze	1.2.6-1+deb6u2
  wheezy	1.4.2-1.1+deb7u2
  jessie	1.4.3-4.1+deb8u1
Find your version (libssh2) with:

  dpkg -l libssh2-1
link