An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. Reference: https://github.com/libssh2/libssh2/issues/477 Upstream patch: https://github.com/libssh2/libssh2/commit/642eec48ff3adfdb7a9e562b6d7fc865d1733f45
Created libssh2 tracking bugs for this issue: Affects: epel-all [bug 2236038] Affects: fedora-all [bug 2236040] Created mingw-libssh2 tracking bugs for this issue: Affects: fedora-all [bug 2236039]
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2023:5615 https://access.redhat.com/errata/RHSA-2023:5615