-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:148
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : libssh2
 Date    : March 29, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated libssh2 packages fix security vulnerability:
 
 Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was
 reading and using the SSH_MSG_KEXINIT packet without doing sufficient
 range checks when negotiating a new SSH session with a remote server. A
 malicious attacker could man in the middle a real server and cause
 a client using the libssh2 library to crash (denial of service)
 or otherwise read and use unintended memory areas in this process
 (CVE-2015-1782).
 ______________________________________________