Red Hat Product Errata RHSA-2023:3839 - Security Advisory
Issued:
2023-06-27
Updated:
2023-06-27

RHSA-2023:3839 - Security Advisory

Synopsis

Moderate: libssh security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libssh is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications.

Security Fix(es):

  • libssh: NULL pointer dereference during rekeying with algorithm guessing (CVE-2023-1667)
  • libssh: authorization bypass in pki_verify_data_signature (CVE-2023-2283)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing these updated packages, all running applications using libssh must be restarted for this update to take effect.

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2182199 - CVE-2023-1667 libssh: NULL pointer dereference during rekeying with algorithm guessing
  • BZ - 2189736 - CVE-2023-2283 libssh: authorization bypass in pki_verify_data_signature

Red Hat Enterprise Linux for x86_64 8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
x86_64
libssh-0.9.6-10.el8_8.i686.rpm SHA-256: deccb5006178482f2fc29bd70ae5775f8d46c76360ebed84704e590852c9a676
libssh-0.9.6-10.el8_8.x86_64.rpm SHA-256: 120c75c4762ed1052c85167f69c7e06b1e9da8d961beb7a618d51025075bd336
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-devel-0.9.6-10.el8_8.i686.rpm SHA-256: f4e78029bd1d409fb60865ec366c663a04ba003141b91b7fa5e8967eac8472b5
libssh-devel-0.9.6-10.el8_8.x86_64.rpm SHA-256: c25ff7e6c216b073345e0b4624271ff3a8ed96557e695121f1453c8136f4425b

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
x86_64
libssh-0.9.6-10.el8_8.i686.rpm SHA-256: deccb5006178482f2fc29bd70ae5775f8d46c76360ebed84704e590852c9a676
libssh-0.9.6-10.el8_8.x86_64.rpm SHA-256: 120c75c4762ed1052c85167f69c7e06b1e9da8d961beb7a618d51025075bd336
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-devel-0.9.6-10.el8_8.i686.rpm SHA-256: f4e78029bd1d409fb60865ec366c663a04ba003141b91b7fa5e8967eac8472b5
libssh-devel-0.9.6-10.el8_8.x86_64.rpm SHA-256: c25ff7e6c216b073345e0b4624271ff3a8ed96557e695121f1453c8136f4425b

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
s390x
libssh-0.9.6-10.el8_8.s390x.rpm SHA-256: e8daf158b816e7d288ac92c27ca37c6f47417267b62640ea2bcbd6f10a473d1e
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.s390x.rpm SHA-256: e98fc4dc239616a9b0fadcaf68057fb059069e354faaebd4c4ade089cfb9bd28
libssh-debuginfo-0.9.6-10.el8_8.s390x.rpm SHA-256: e98fc4dc239616a9b0fadcaf68057fb059069e354faaebd4c4ade089cfb9bd28
libssh-debugsource-0.9.6-10.el8_8.s390x.rpm SHA-256: 9b90c5c943f17b8ccc5d175ba43184a910bf48d02940179af34eccb525f7e15b
libssh-debugsource-0.9.6-10.el8_8.s390x.rpm SHA-256: 9b90c5c943f17b8ccc5d175ba43184a910bf48d02940179af34eccb525f7e15b
libssh-devel-0.9.6-10.el8_8.s390x.rpm SHA-256: 42f8344c6d2d741dfc37550c4aae3882e25b04387af5d8705b3f2bf937248881

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
s390x
libssh-0.9.6-10.el8_8.s390x.rpm SHA-256: e8daf158b816e7d288ac92c27ca37c6f47417267b62640ea2bcbd6f10a473d1e
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.s390x.rpm SHA-256: e98fc4dc239616a9b0fadcaf68057fb059069e354faaebd4c4ade089cfb9bd28
libssh-debuginfo-0.9.6-10.el8_8.s390x.rpm SHA-256: e98fc4dc239616a9b0fadcaf68057fb059069e354faaebd4c4ade089cfb9bd28
libssh-debugsource-0.9.6-10.el8_8.s390x.rpm SHA-256: 9b90c5c943f17b8ccc5d175ba43184a910bf48d02940179af34eccb525f7e15b
libssh-debugsource-0.9.6-10.el8_8.s390x.rpm SHA-256: 9b90c5c943f17b8ccc5d175ba43184a910bf48d02940179af34eccb525f7e15b
libssh-devel-0.9.6-10.el8_8.s390x.rpm SHA-256: 42f8344c6d2d741dfc37550c4aae3882e25b04387af5d8705b3f2bf937248881

Red Hat Enterprise Linux for Power, little endian 8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
ppc64le
libssh-0.9.6-10.el8_8.ppc64le.rpm SHA-256: cf7c0fac766a00c94e60e4305e8e798bde305b04ed0f190dd24fa1802b9c7d3b
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.ppc64le.rpm SHA-256: 7c49013016e5e408b6d8aef28541629b8988884f4caa3e58e642709bf28ce85c
libssh-debuginfo-0.9.6-10.el8_8.ppc64le.rpm SHA-256: 7c49013016e5e408b6d8aef28541629b8988884f4caa3e58e642709bf28ce85c
libssh-debugsource-0.9.6-10.el8_8.ppc64le.rpm SHA-256: c2e2ae95af910578b33eb6595a85155943dd8ba16cd44c2a638faa8af6576221
libssh-debugsource-0.9.6-10.el8_8.ppc64le.rpm SHA-256: c2e2ae95af910578b33eb6595a85155943dd8ba16cd44c2a638faa8af6576221
libssh-devel-0.9.6-10.el8_8.ppc64le.rpm SHA-256: de6645063a1741f3e3b66863f403c927ce7bd83f5f8f87544712c6c476aa8bad

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
ppc64le
libssh-0.9.6-10.el8_8.ppc64le.rpm SHA-256: cf7c0fac766a00c94e60e4305e8e798bde305b04ed0f190dd24fa1802b9c7d3b
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.ppc64le.rpm SHA-256: 7c49013016e5e408b6d8aef28541629b8988884f4caa3e58e642709bf28ce85c
libssh-debuginfo-0.9.6-10.el8_8.ppc64le.rpm SHA-256: 7c49013016e5e408b6d8aef28541629b8988884f4caa3e58e642709bf28ce85c
libssh-debugsource-0.9.6-10.el8_8.ppc64le.rpm SHA-256: c2e2ae95af910578b33eb6595a85155943dd8ba16cd44c2a638faa8af6576221
libssh-debugsource-0.9.6-10.el8_8.ppc64le.rpm SHA-256: c2e2ae95af910578b33eb6595a85155943dd8ba16cd44c2a638faa8af6576221
libssh-devel-0.9.6-10.el8_8.ppc64le.rpm SHA-256: de6645063a1741f3e3b66863f403c927ce7bd83f5f8f87544712c6c476aa8bad

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
x86_64
libssh-0.9.6-10.el8_8.i686.rpm SHA-256: deccb5006178482f2fc29bd70ae5775f8d46c76360ebed84704e590852c9a676
libssh-0.9.6-10.el8_8.x86_64.rpm SHA-256: 120c75c4762ed1052c85167f69c7e06b1e9da8d961beb7a618d51025075bd336
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-devel-0.9.6-10.el8_8.i686.rpm SHA-256: f4e78029bd1d409fb60865ec366c663a04ba003141b91b7fa5e8967eac8472b5
libssh-devel-0.9.6-10.el8_8.x86_64.rpm SHA-256: c25ff7e6c216b073345e0b4624271ff3a8ed96557e695121f1453c8136f4425b

Red Hat Enterprise Linux for ARM 64 8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
aarch64
libssh-0.9.6-10.el8_8.aarch64.rpm SHA-256: 39ce46dd3749db69922940255fb2e9ea1536320eb3eb457a895cc855ed721070
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e65f23526e74dc131c4dc8d0b7b4ab3f22a1e506999e4ed00b2f40eb473a4d1
libssh-debuginfo-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e65f23526e74dc131c4dc8d0b7b4ab3f22a1e506999e4ed00b2f40eb473a4d1
libssh-debugsource-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e6d21b4a80b6491a65b36675856651694bf6638ee41f3e225767e683b09d8ef
libssh-debugsource-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e6d21b4a80b6491a65b36675856651694bf6638ee41f3e225767e683b09d8ef
libssh-devel-0.9.6-10.el8_8.aarch64.rpm SHA-256: 079ff169eb9fca30f43dde7da7f5cac8cdcb692e8deb22837bc14f82e5868b14

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
aarch64
libssh-0.9.6-10.el8_8.aarch64.rpm SHA-256: 39ce46dd3749db69922940255fb2e9ea1536320eb3eb457a895cc855ed721070
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e65f23526e74dc131c4dc8d0b7b4ab3f22a1e506999e4ed00b2f40eb473a4d1
libssh-debuginfo-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e65f23526e74dc131c4dc8d0b7b4ab3f22a1e506999e4ed00b2f40eb473a4d1
libssh-debugsource-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e6d21b4a80b6491a65b36675856651694bf6638ee41f3e225767e683b09d8ef
libssh-debugsource-0.9.6-10.el8_8.aarch64.rpm SHA-256: 8e6d21b4a80b6491a65b36675856651694bf6638ee41f3e225767e683b09d8ef
libssh-devel-0.9.6-10.el8_8.aarch64.rpm SHA-256: 079ff169eb9fca30f43dde7da7f5cac8cdcb692e8deb22837bc14f82e5868b14

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
ppc64le
libssh-0.9.6-10.el8_8.ppc64le.rpm SHA-256: cf7c0fac766a00c94e60e4305e8e798bde305b04ed0f190dd24fa1802b9c7d3b
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.ppc64le.rpm SHA-256: 7c49013016e5e408b6d8aef28541629b8988884f4caa3e58e642709bf28ce85c
libssh-debuginfo-0.9.6-10.el8_8.ppc64le.rpm SHA-256: 7c49013016e5e408b6d8aef28541629b8988884f4caa3e58e642709bf28ce85c
libssh-debugsource-0.9.6-10.el8_8.ppc64le.rpm SHA-256: c2e2ae95af910578b33eb6595a85155943dd8ba16cd44c2a638faa8af6576221
libssh-debugsource-0.9.6-10.el8_8.ppc64le.rpm SHA-256: c2e2ae95af910578b33eb6595a85155943dd8ba16cd44c2a638faa8af6576221
libssh-devel-0.9.6-10.el8_8.ppc64le.rpm SHA-256: de6645063a1741f3e3b66863f403c927ce7bd83f5f8f87544712c6c476aa8bad

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
libssh-0.9.6-10.el8_8.src.rpm SHA-256: 77f9197fc9db82a5a3e186dafb6c2e86cc424f5abfba00bbdb109b72cddce5aa
x86_64
libssh-0.9.6-10.el8_8.i686.rpm SHA-256: deccb5006178482f2fc29bd70ae5775f8d46c76360ebed84704e590852c9a676
libssh-0.9.6-10.el8_8.x86_64.rpm SHA-256: 120c75c4762ed1052c85167f69c7e06b1e9da8d961beb7a618d51025075bd336
libssh-config-0.9.6-10.el8_8.noarch.rpm SHA-256: 459736822b775e0a8c5726b6bb88a120749a2b89cd9df049879348ae456c2ec0
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.i686.rpm SHA-256: e16a156fac2a2179a528ea9c2b6dd13e73c3a989d6330d9ae7b54e8c1b815766
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debuginfo-0.9.6-10.el8_8.x86_64.rpm SHA-256: b9237d1be59313fb00d116fe19743259a7dd3ffd9b3aebaac6115d217a00dac7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.i686.rpm SHA-256: c1c0078bfff243fed09abdfae3aee7012378ecd615c5d10f869ff2322f31ece7
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-debugsource-0.9.6-10.el8_8.x86_64.rpm SHA-256: 3bb429186aff2b9f8f5163d4fd3d1215a0e1a517613c2fbcd358bf7298d99d08
libssh-devel-0.9.6-10.el8_8.i686.rpm SHA-256: f4e78029bd1d409fb60865ec366c663a04ba003141b91b7fa5e8967eac8472b5
libssh-devel-0.9.6-10.el8_8.x86_64.rpm SHA-256: c25ff7e6c216b073345e0b4624271ff3a8ed96557e695121f1453c8136f4425b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.