Mandriva Linux Security Advisory : libssh (MDVSA-2015:020)
Medium Nessus Plugin ID 80466
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated libssh packages fix security vulnerability :
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet (CVE-2014-8132).
SolutionUpdate the affected lib64ssh-devel and / or lib64ssh4 packages.