Achọpụtala ihe ọghọm (CVE-2-2) n'ọbá akwụkwọ libssh (ka a ghara inwe mgbagwoju anya na libssh2021), e mere iji gbakwunye nkwado ndị ahịa na nkesa maka usoro SSHv3634 na mmemme C, na-eduga n'ọba ụba mgbe ị na-amalite usoro rekey. iji mgbanwe igodo na-eji hashing algọridim dị iche. A na-edozi nsogbu ahụ na ntọhapụ 0.9.6.
Isi nsogbu bụ na ọrụ mgbanwe igodo na-enye ohere iji hashes cryptographic nwere nha nkedo dị iche na algọridim eji emebu. N'okwu a, ekenyela ebe nchekwa maka hash na libssh dabere na nha hash izizi, yana iji nha hash buru ibu na-eduga na idegharị data gafere oke oke nchekwa ekenyela. Dị ka usoro nchekwa ọdịda, ị nwere ike ịmachi ndepụta nke ụzọ mgbanwe isi akwadoro na naanị algọridim nwere otu nha hash. Dịka ọmụmaatụ, iji jikọta na SHA256, ị nwere ike itinye na koodu: rc = ssh_options_set (s->ssh.session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nist);p256");
isi: opennet.ru