[CLSA-2026:1777036898] libssh2: Fix of 2 CVEs
Type:
security
Severity:
Critical
Release date:
2026-04-25 08:47:59 UTC
Description:
- CVE-2019-3858: fix zero-byte allocation in sftp_packet_read() - CVE-2019-3859: fix out-of-bounds reads in _libssh2_packet_require
Updated packages:
  • libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.els2.i686.rpm
    sha:7605c76313262b6644401e03624178112c30458f154473790a50914827da5003
  • libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.els2.x86_64.rpm
    sha:27587ec4cc6f40d9ef2708cb50a5ff589f868154efb8ed75ff1b3c79b1faa0c1
  • libssh2-devel-1.4.2-3.0.1.el6_10.1.tuxcare.els2.i686.rpm
    sha:7742bb7765840275fc4d60c444cb7725df9971d27a55340d2407ec5fc60f6887
  • libssh2-devel-1.4.2-3.0.1.el6_10.1.tuxcare.els2.x86_64.rpm
    sha:732b4f2f1609673e83fd69abd1eb9bad9f4b91bd818c19720ebeea462ae899c4
  • libssh2-docs-1.4.2-3.0.1.el6_10.1.tuxcare.els2.x86_64.rpm
    sha:d6ac461987e6de81720638c7e4f73613fd797dd399dfcba82d0147c1ab07d816
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.