News

Posted 5 months ago by gladiac
This is an important SECURITY and maintenance release in order to address CVE-2014-0017 – PRNG state reuse on forking servers. This bug happens when an SSH server forks on new connections. OpenSSL PRNG does not always detect the change of process (PID collision) and PRNG state may be shared between two successive children. However that […]
Posted 5 months ago by aris
This is an important SECURITY and maintenance release in order to address CVE-2014-0017 – PRNG state reuse on forking servers. This bug happens when an SSH server forks on new connections. OpenSSL PRNG does not always detect the change of process (PID collision) and PRNG state may be shared between two successive children. However that […]
Posted 5 months ago by gladiac
We are happy to announce the first bugfix version of libssh 0.6. This version also provides some new functions and uses the openssh known_hosts heuristic to negotiate the cipher for key exchange. Thanks to all contributors! If you are new to libssh you should read our tutorial how to get started. Please join our mailing […]
Posted 7 months ago by gladiac
Ultimately the day has come that we can release libssh 0.6.0. This version has a lot of new features and we put a lot of effort into it to make it stable. The most important features are a callback based server API which is already in use by some projects. We added support for ECDSA […]
Posted 8 months ago by gladiac
We would like to announce libssh 0.6.0rc2 with full GSSAPI support. Last week Simo Sorce and I planned a day to test libssh against FreeIPA and gssproxy. The gss-proxy protocol allows proxying of GSSAPI initiation and authentication to have isolation and privilege separation for user-mode applications. Well we worked 3 days on libssh and gss-proxy […]
Posted 9 months ago by aris
A while back, I introduced a new key exchange mechanism, “curve25519-sha256@libssh.org” in our code base. The reasons were explained together with the specifications. In a nutshell, this key exchange function is based on DJB’s Curve25519 elliptic curve Diffie-Hellman key exchange. This algorithm does not rely on NIST-based curves and gives us more security confidence against […]
Posted 12 months ago by gladiac
We are proud to announce the release of the first release candidate of libssh 0.6.0. We have rewritten a lot of code to provide a better API and added a lot of features. The most important changes are the new public key API, Kerberos support, ECDSA and ECDH support and the new callback based server […]
Posted 12 months ago by gladiac
This is another bugfix release of libssh version 0.5. If you are new to libssh read The Tutorial how to get started. Please join our mailing list or visit our irc channel if you have questions. You can download libssh 0.5.5 here. For Windows binaries we suggest to use the MSVC or MinGW binaries from [...]
Posted over 1 year ago by gladiac
This is an important SECURITY and maintenance release in order to address CVE-2013-0176 – NULL dereference leads to denial of service. The crash could kill an SSH server using libssh. However it depends on the server process model how bad the situation can be. If you use a forked model to implement your server, [...]
Posted over 1 year ago by gladiac
This is an important SECURITY and maintenance release in order to address CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. CVE-2012-4559 – Fix multiple double free() flaws; CVE-2012-4560 – Fix multiple buffer overflow flaws; CVE-2012-4561 – Fix multiple invalid free() flaws; CVE-2012-4562 – Fix multiple improper overflow checks. The double free in sftp_parse_attr_3() could be used for a [...]