DSA-2879 libssh - security update
|
Información sobre el sistema
|
|
|
Software afectado |
Debian |
Descripción
|
It was discovered that libssh, a tiny C SSH library, did not reset thestate of the PRNG after accepting a connection. A server modeapplication that forks itself to handle incoming connections could seeits children sharing the same PRNG state, resulting in a cryptographicweakness and possibly the recovery of the private key.
More info:
http://www.debian.org/security/2014/dsa-2879 |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2014-0017 and DSA-2879. |