An update for apache-sshd is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2 Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2021-1312 Final 1.0 1.0 2021-08-20 Initial 2021-08-20 2021-08-20 openEuler SA Tool V1.0 2021-08-20 apache-sshd security update An update for apache-sshd is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2. Apache SSHD is a 100% pure java library to support the SSH protocols on both the client and server side. Security Fix(es): A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0(CVE-2021-30129) An update for apache-sshd is now available for openEuler-20.03-LTS-SP1 and openEuler-20.03-LTS-SP2. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium apache-sshd https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1312 https://openeuler.org/en/security/cve/detail.html?id=CVE-2021-30129 https://nvd.nist.gov/vuln/detail/CVE-2021-30129 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 apache-sshd-javadoc-2.2.0-2.oe1.noarch.rpm apache-sshd-2.2.0-2.oe1.noarch.rpm apache-sshd-2.2.0-2.oe1.noarch.rpm apache-sshd-javadoc-2.2.0-2.oe1.noarch.rpm apache-sshd-2.2.0-2.oe1.src.rpm apache-sshd-2.2.0-2.oe1.src.rpm A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0 2021-08-20 CVE-2021-30129 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP2 Medium 6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H apache-sshd security update 2021-08-20 https://openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2021-1312