aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2019-07-23T11:13:15Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10132[3.6] libssh2: Multiple vulnerabilities (CVE-2019-3855, CVE-2019-3856, CVE-20...2019-07-23T11:13:15ZAlicha CH[3.6] libssh2: Multiple vulnerabilities (CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3858, CVE-2019-3859, CVE-2019-3860, CVE-2019-3861, CVE-2019-3862, CVE-2019-3863)**CVE-2019-3855**: Possible integer overflow in transport read allows
out-of-bounds write
Affected versions: all versions to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-...**CVE-2019-3855**: Possible integer overflow in transport read allows
out-of-bounds write
Affected versions: all versions to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-2019-3855.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3855.patch
**CVE-2019-3856**: Possible integer overflow in keyboard interactive
handling allows out-of-bounds write
Affected versions: all versions to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-2019-3856.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch
**CVE-2019-3857**: Possible integer overflow leading to zero-byte
allocation and out-of-bounds write
Affected versions: versions 1.2.8 up to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-2019-3857.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3857.patch
**CVE-2019-3858**: Possible zero-byte allocation leading to an
out-of-bounds read
Affected versions: versions 0.3 up to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-2019-3858.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3858.patch
**CVE-2019-3859**: Out-of-bounds reads with specially crafted payloads
due to unchecked use of \`\_libssh2\_packet\_require\` and
\`\_libssh2\_packet\_requirev\`
Affected versions: versions 0.1 up to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-2019-3859.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3859.patch
\*CVE-2019-386\*0: Out-of-bounds reads with specially crafted SFTP
packets
Affected versions: versions 0.3 up to and including 1.8.0
Not affected versions: libssh2 >= 1.9.0
### References:
https://www.libssh2.org/CVE-2019-3860.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3860.patch
**CVE-2019-3861**: Out-of-bounds reads with specially crafted SSH
packets
Affected versions: versions 0.15 up to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-2019-3861.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3861.patch
**CVE-2019-3862**: Out-of-bounds memory comparison
Affected versions: versions 0.11 up to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
### References:
https://www.libssh2.org/CVE-2019-3862.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3862.patch
**CVE-2019-3863**: Integer overflow in user authenicate keyboard
interactive allows out-of-bounds writes
Affected versions: versions 0.1 up to and including 1.8.0
Not affected versions: libssh2 >= 1.8.1
References:
https://www.libssh2.org/CVE-2019-3863.html
https://www.openwall.com/lists/oss-security/2019/03/18/3
### Patch:
https://libssh2.org/1.8.0-CVE/CVE-2019-3863.txt
*(from redmine: issue id 10132, created on 2019-03-19, closed on 2019-03-21)*
* Relations:
* parent #10127
* Changesets:
* Revision eec223036af35046c74baca7b09d6a81aaccbe86 by Francesco Colista on 2019-03-19T21:58:40Z:
```
main/libssh2: security upgrade to 1.8.1
- CVE-2019-3855
- CVE-2019-3856
- CVE-2019-3857
- CVE-2019-3858
- CVE-2019-3859
- CVE-2019-3860
- CVE-2019-3861
- CVE-2019-3862
- CVE-2019-3863
Fixes #10132
```3.6.6Francesco ColistaFrancesco Colistahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10097[3.6] openjpeg: integer overflow in opj_j2k_setup_encoder function in openjp2...2019-07-23T11:13:38ZAlicha CH[3.6] openjpeg: integer overflow in opj_j2k_setup_encoder function in openjp2/j2k.c (CVE-2018-5785)In OpenJPEG 2.3.0, there is an integer overflow caused by an
out-of-bounds left shift in the opj\_j2k\_setup\_encoder function
(openjp2/j2k.c). Remote attackers could leverage this vulnerability to
cause a denial of service via a craft...In OpenJPEG 2.3.0, there is an integer overflow caused by an
out-of-bounds left shift in the opj\_j2k\_setup\_encoder function
(openjp2/j2k.c). Remote attackers could leverage this vulnerability to
cause a denial of service via a crafted bmp file.
### References:
https://github.com/uclouvain/openjpeg/issues/1057
https://nvd.nist.gov/vuln/detail/CVE-2018-5785
### Patch:
https://github.com/uclouvain/openjpeg/commit/ca16fe55014c57090dd97369256c7657aeb25975
*(from redmine: issue id 10097, created on 2019-03-12, closed on 2019-03-19)*
* Relations:
* parent #10092
* Changesets:
* Revision 673878b2056caeeae7b119dc6845c6299a153c69 by Francesco Colista on 2019-03-14T17:29:02Z:
```
main/openjpeg: security fixes
- CVE-2018-5785
this commit fixes #10097
```3.6.6Francesco ColistaFrancesco Colista