Back to libssh PTS page

Accepted libssh 0.10.5-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted libssh 0.10.5-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Wed, 10 May 2023 06:20:12 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: libssh_0.10.5-1_source.changes
Debian-source: libssh
Debian-suite: unstable
Debian-version: 0.10.5-1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=usxVQWCTgVv3GU6kKi3O1UjqY77Htf6DNKsJ+jNT+bU=; b=PRqpztnfpVmx/IKyhpIHgvVaq9 DJWX8G2W3TcU4tQEmmXHD5HZfIv6DRdjXjOd2E0htDUIYkSb/94WViOUpbySEhnvchwrlPLbZ2fhL Vf5BpbVR+mbUWZYOxGLXh4kZR+QY70iAMIHcdVSLsai9XCf6NfV+MoYlP+xOt1cx3k8bS2A7lwOWc Y/3BV13slcoGQ4Be8ag6VRcWimPtDQJKPW46ZZKSIqhQsfaivIJhbmfrHyxBqv/cTNjToE3zlwQtc HUZNC3xPBQkzDeAz9L1O9S1+pKj/+wOT7qDUP3ZtMdTgRTSkOqrT5sGshe8KMt142LGf8Jk25FK+g AnT6wZSw==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1pwdBM-003z5p-Lx@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 10 May 2023 08:00:26 +0200
Source: libssh
Architecture: source
Version: 0.10.5-1
Distribution: unstable
Urgency: high
Maintainer: Laurent Bigonville <bigon@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Closes: 1035832
Changes:
 libssh (0.10.5-1) unstable; urgency=high
 .
   [ Martin Pitt ]
   * New upstream security release (thus high urgency):
     - Fix authenticated remote DoS through potential NULL dereference during rekeying
       with algorithm guessing (CVE-2023-1667)
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - Client authentication bypass in pki_verify_data_signature() in low-memory
       conditions with OpenSSL backend; gcrypt backend is not affected
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (CVE-2023-2283, Closes: #1035832)
   * Bump Standards-Version to 4.6.2. No changes necessary.
   * Drop debian/source/lintian-overrides. It now causes a "mismatched-override"
     warning, and apparently is not necessary any more.
   * debian/copyright: Drop files which don't exist any more.
     Spotted by lintian's "superfluous-file-pattern" warnings.
 .
   [ Debian Janitor ]
   * Bump debhelper from old 12 to 13.
   * Avoid explicitly specifying -Wl,--as-needed linker flag.
Checksums-Sha1:
 ddb59b6af4d50563b33b21973e1b2b0758b675c7 2742 libssh_0.10.5-1.dsc
 bc6b6858c3f4d07a302d838258d98e5bae790387 557776 libssh_0.10.5.orig.tar.xz
 dc55b86977ec5348d3048118c3beccd5d1b06da9 833 libssh_0.10.5.orig.tar.xz.asc
 d8d354cc003f4cc254f672fb968e13865059f00b 28016 libssh_0.10.5-1.debian.tar.xz
 29c7fbab76614a2fb35d9c473593912876904b1c 7413 libssh_0.10.5-1_source.buildinfo
Checksums-Sha256:
 2dbdceacadaa1ce6629bef199a44e2c89b9b220996337c858f54970914b4f4f0 2742 libssh_0.10.5-1.dsc
 b60e2ff7f367b9eee2b5634d3a63303ddfede0e6a18dfca88c44a8770e7e4234 557776 libssh_0.10.5.orig.tar.xz
 cc5427ac9480b30f87f7c3c2dca1830c1e7fe3c18503da2c07d4110150916c66 833 libssh_0.10.5.orig.tar.xz.asc
 06b785dde60a98934d56095834a41562a58039b034a2d7f1eb90bc633d84b83e 28016 libssh_0.10.5-1.debian.tar.xz
 6d2e8069eca275285bf54f9c8a5dc87571af90a02d8e69bc0741b80b9e0f6d48 7413 libssh_0.10.5-1_source.buildinfo
Files:
 63f682b498516dc66aa3059964baafca 2742 libs optional libssh_0.10.5-1.dsc
 d8db64ad57bbf25fc53396dd5438a3ef 557776 libs optional libssh_0.10.5.orig.tar.xz
 5216efd082214fa43e966115bb9502f8 833 libs optional libssh_0.10.5.orig.tar.xz.asc
 d8d8a5b28a9802a5ce080df8ecb31fed 28016 libs optional libssh_0.10.5-1.debian.tar.xz
 1d9dca270a1bb5fdaa7aba64f838cd19 7413 libs optional libssh_0.10.5-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbEuHi35jHxYFV8PN7nvd5LhrVxMFAmRbMzAACgkQ7nvd5Lhr
VxPuEg//deLK4VLcee6GdodxblILU04rQ1ZC9GteXOKY3ApOgVYnUHwgJx3Js8OG
l5A5vBImnv+3wctnxEce4AXj76YrB2uKEH+LRFwCTqrSwfjmYVvw1OcpBiu6nJSi
GvPoJ+eZ7Om+WCxr/Rn7ainN3pejejMxTiPIV6HYIY6wMsV7zC1fqt8eLD82IDIw
jN/7xoSKmVto7IauGisKpOFCtgkkJe4rcnoZYUyqm9AyZvDvo8jootYbWPGs8MLi
waOuvPrKEtfpYE/A4TLAn6GAw/GUTFFeNi18orMXQCIzIHn2xvTOWBY8F5Zplrpa
SDWnH8AmEEp7OIGymQf30sHugYlFceqJcikem0/LyL6uLxROM2NfYcLcYisQPVdz
ebL+l+r4MV/mlAoqwlKy02ij5Vt4RtwTYM2x8QE+KHLYVCCZCBbJLLoFoDTepybG
QO7z+0iGFgwq6Ig3abalkI93qxd7Xd+FDFYFpacRhCkgxB99OuPQmoiyqEav7Rof
MV7G+cc4r7Xz1F0rhOlvF6tkxIBWoKMnmL6Ko37btAqFQlSohCODQt1KJtYKoEq+
tEBkBRFMFRGGRA7sULyKENBzCvXUV/Y6il+wCUpnsuhVQRpX+Hm1xJxOJHoSKRKR
7QJ0GPrOWlzmEqCnJSAdrtyUz27NQ+DWS/QTNT8zTFwSPceHow4=
=x/4l
-----END PGP SIGNATURE-----