[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libssh 0.11.3 release

[Thread Prev] | [Thread Next]

Subject: libssh 0.11.3 release
From: Jakub Jelen <jjelen@xxxxxxxxxx>
Reply-to: libssh@xxxxxxxxxx
Date: Tue, 9 Sep 2025 10:31:24 +0200
To: libssh@xxxxxxxxxx

Hello all!

We are happy to announce the new libssh release 0.11.3. This is security
and bugfix release. Thanks to Philippe Antoine and Francesco Rollo for the
responsible disclosure of the following security weaknesses:

 * CVE-2025-8114: Fix NULL pointer dereference after allocation failure
 * CVE-2025-8277: Fix memory leak of ephemeral key pair during
repeated wrong KEX

You can read the full changelog and download updated libssh on the
following announcement post:

https://www.libssh.org/2025/09/09/libssh-0-11-3-security-and-bugfix-release/

Thank you.
Jakub Jelen
libssh team

Archive administrator: postmaster@lists.cynapses.org