Ukuba sesichengeni (CVE-2-2) ichongiwe kwilayibrari ye-libs (engadideki kunye ne-libssh2021), eyilelwe ukongeza umxhasi kunye nenkxaso yomncedisi weSSHv3634 protocol kwiinkqubo ze-C, ezikhokelela ekuphuphumeni kwebuffer xa kuqalwa inkqubo yokubuyisela kwakhona. usebenzisa utshintshiselwano olungundoqo olusebenzisa i-algorithm ye-hashing eyahlukileyo. Umba ulungiswe ekukhutshweni kwe-0.9.6.
Undoqo wengxaki kukuba umsebenzi wokutshintsha ongundoqo uvumela ukusetyenziswa kwe-cryptographic hashes kunye nobukhulu obuphosiweyo obuhluke kwi-algorithm esetyenziswe ekuqaleni. Kulo mzekelo, inkumbulo yehashi kwi libssh yabelwa ngokusekwe kubungakanani boqobo behashi, kwaye ukusebenzisa isayizi enkulu yehashi kukhokelela ekubeni idatha ibhalwe ngaphezulu ngaphaya komda onikiweyo webuffer. Njengendlela yokhuseleko yokubuyisela umva, unganciphisa uluhlu lweendlela zotshintshiselwano ezingundoqo ezixhasiweyo kwii-algorithms ezinobungakanani obufanayo be-hash. Umzekelo, ukubophelela kwi-SHA256, unokongeza kwikhowudi: rc = ssh_options_set(s->ssh.session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256");
umthombo: opennet.ru