Buffer overflow vulnerability in libssh

A vulnerability (CVE-2021-3634) has been identified in the libssh library (not to be confused with libssh2), which is designed to add client and server support for the SSHv2 protocol to C programs. It leads to a buffer overflow when a rekey is initiated using a key exchange that uses a different hashing algorithm. The issue is fixed in release 0.9.6.

The essence of the problem is that the key change operation allows the use of cryptographic hashes whose digest size differs from that of the algorithm originally used. libssh allocated the memory for the hash based on the original hash size, so using a larger hash size causes data to be written beyond the boundary of the allocated buffer. As a fallback security measure, you can restrict the list of supported key exchange methods to algorithms with the same hash size only. For example, to bind to SHA256, you can add to the code:

    rc = ssh_options_set(s->ssh.session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256");
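As an added example (not from the original article or the libssh project), the following C helper checks that every method in a key exchange list implies the same digest size before the list is passed to ssh_options_set. The function names and the table mapping method-name suffixes to digest sizes are assumptions of this example, not libssh API.

```c
#include <stdio.h>
#include <string.h>

/* Digest size in bytes implied by a KEX method name, -1 if unknown.
 * Hypothetical helper; not part of the libssh API. */
static int kex_digest_len(const char *name, size_t n)
{
    static const struct { const char *suffix; int len; } map[] = {
        { "-sha512", 64 }, { "-sha384", 48 }, { "-sha256", 32 }, { "-sha1", 20 },
        { "-nistp521", 64 }, { "-nistp384", 48 }, { "-nistp256", 32 },
    };
    const char *at = memchr(name, '@', n);  /* drop "@libssh.org" style suffix */
    if (at != NULL)
        n = (size_t)(at - name);
    for (size_t i = 0; i < sizeof(map) / sizeof(map[0]); i++) {
        size_t sl = strlen(map[i].suffix);
        if (n >= sl && memcmp(name + n - sl, map[i].suffix, sl) == 0)
            return map[i].len;
    }
    return -1;
}

/* Common digest size if every method in the comma-separated list uses the
 * same one, 0 if sizes are mixed, -1 on an unknown or empty entry. */
int kex_list_uniform_digest(const char *list)
{
    int common = -1;
    for (const char *p = list;;) {
        size_t n = strcspn(p, ",");
        int len = kex_digest_len(p, n);
        if (len < 0)
            return -1;
        if (common >= 0 && len != common)
            return 0;
        common = len;
        if (p[n] == '\0')
            return common;
        p += n + 1;
    }
}

int main(void)
{
    /* The list from the article: all three methods hash with SHA-256. */
    const char *kex = "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256";
    printf("%d\n", kex_list_uniform_digest(kex));
    return 0;
}
```

A return value of 0 means the list mixes digest sizes, which is the condition the workaround is meant to rule out; -1 means an entry was not recognised and the list should be reviewed by hand.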

Source: opennet.ru
