Back to libssh PTS page

Accepted libssh 0.9.7-0+deb11u1 (source) into proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted libssh 0.9.7-0+deb11u1 (source) into proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 28 May 2023 18:02:19 +0000
Debian: DAK
Debian-architecture: source
Debian-archive-action: accept
Debian-changes: libssh_0.9.7-0+deb11u1_source.changes
Debian-source: libssh
Debian-suite: proposed-updates
Debian-version: 0.9.7-0+deb11u1
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=OETbgoMhkl/11A+D726YCzxJR9Aad0sSL9SYCRoqiqw=; b=WIep/SnRHFBQZMMak/684P7geu PtEow6JD7n60TjUFkjuzpqmugvBrshdO9uxGKbES8735mkomaYZvUB5ZoMEFc5BhyZiLajxlCC50x AWhK+UUJjbpewZFOEUJyBNVWR8iZmJSjNUTeVc2OLM8bidgr+curJa9ALt2l76mkXI2xUs/f27ZqN C30n59YvEur2rD0MRNFAaK9RwmrpTbzr3XSq9hOCBxmLO7y0Am9frF/qUsO0LelfK5nId3oZ+x6wz LMrg/twANMqXqehsg3k/3p1o52fScPaVIXHtgwlW4H4GgYlVXggTaUVw03aJiUQglnpKfmD5lGOmf P1LhmX5w==;
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1q3Kih-001O2w-IF@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 21 May 2023 18:22:05 +0000
Source: libssh
Architecture: source
Version: 0.9.7-0+deb11u1
Distribution: bullseye-security
Urgency: medium
Maintainer: Laurent Bigonville <bigon@debian.org>
Changed-By: Martin Pitt <mpitt@debian.org>
Closes: 1035832
Changes:
 libssh (0.9.7-0+deb11u1) bullseye-security; urgency=medium
 .
   * New upstream security microrelease:
     - CVE-2023-1667: Authenticated remote DoS.
       Fix authenticated remote DoS through potential NULL dereference during
       rekeying with algorithm guessing
       https://www.libssh.org/security/advisories/CVE-2023-1667.txt
     - CVE-2023-2283: Client authentication bypass.
       Fix client authentication bypass in pki_verify_data_signature() in
       low-memory conditions with OpenSSL backend; gcrypt backend is not
       affected.
       https://www.libssh.org/security/advisories/CVE-2023-2283.txt
       (Closes: #1035832)
   * Drop 000* patches which were backported from the upstream stable 0.9
     branch, now included in this release. Unfuzz 2004-install-static-lib.patch.
Checksums-Sha1:
 2c97a5c41a1329c528ebe7f5cbe05d21bd41cdb7 2476 libssh_0.9.7-0+deb11u1.dsc
 078df560e5752977803a62f37aeef7c2b528eff6 504676 libssh_0.9.7.orig.tar.xz
 e28d1df76ce09b5a03e3c695b5c7d6dbe160cddc 27548 libssh_0.9.7-0+deb11u1.debian.tar.xz
 86ba5798b9e657cb81da4696be6c8ced85a31e51 6153 libssh_0.9.7-0+deb11u1_source.buildinfo
Checksums-Sha256:
 c9a4b6c6bce399c534b661525113fef7c9d92812f64e2f209125615419601180 2476 libssh_0.9.7-0+deb11u1.dsc
 84ac279fff2b8ab1b9b2f883aa3f9313b42dda51c121fe537f0c16417aa1ec72 504676 libssh_0.9.7.orig.tar.xz
 815e21f4ae3d675699c9d32883b0d2dfaf82c006df52515971279db9a5495bb7 27548 libssh_0.9.7-0+deb11u1.debian.tar.xz
 3058e32f591abf4331d680a651c750f0420fb7b17be32385d47d77f60fa64282 6153 libssh_0.9.7-0+deb11u1_source.buildinfo
Files:
 091a585dce4aa542dee951c0aaa35c91 2476 libs optional libssh_0.9.7-0+deb11u1.dsc
 8fcaba57438c382f0b29bd85d3c8c4ee 504676 libs optional libssh_0.9.7.orig.tar.xz
 7e34b58e3412bc0697cee1a1183a1373 27548 libs optional libssh_0.9.7-0+deb11u1.debian.tar.xz
 f602759a869e0a78b34d83c2c5b86ad8 6153 libs optional libssh_0.9.7-0+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEbEuHi35jHxYFV8PN7nvd5LhrVxMFAmRqYW0ACgkQ7nvd5Lhr
VxORwBAAjrJ/ZHlX/2SSNMdvzhfzu+e3nWLcfLiacIOiGvTt88Sp3J+/th7hf3b6
/Og0mki2rVkMhyKds7a7JQGnL5k8E7KDeatWNbCEfV/M5XSHPK1eg4YAJnl+eg1P
aXKSlMJDv9WJy4Wn60i4PrornAvhw2eJ8pPpqaZiZBwKZjFAC7NLV1NRIas9/gJR
4BPk3JdiPVcSDL3YrHNFltxWzAwuQDxZDahF2F0b8MeYdqMebB7H7b8J5Pvz9b9m
19Ssa9GQohhb5GrFxhBapR+H3iHNAz1+tuJSObk/ecyffRWmeyL4EJQy3CQwezYx
mdfTgbGLuAJQVFFV55AGbW8Sf26mjTEz/HUCV3Tp4AE/MwOZGlCsntcZ00A0JMWB
ErgUpdLqF+RM70dE8mWirSNsYGzg0yHR7fW5/N16hIJs7Dcywd58Ao5HCT4sDvv+
ghgSlFbQrtpjvbe6vymKV2Pc79pxWnNWH7fyjQ9HuJa/uf02tSpUGAUTMUsXiftY
Hn3fNeiNaCo1RMJ4Ik3q7Vr/N75BarQ2Ml5Q8zFAAznmo/wME5BugSYEzxOGMBFJ
mVFmcz6Z/jQgBU2DRWTr7adtrhudjiAdiX1nko3fQtF1a0sZFXal/d6DKu2aevYy
I3AHvYFAKFMDDZ+DcpAzJjbJ1uJ13z/9I1QwvItkLMGt7kap1xM=
=zqsh
-----END PGP SIGNATURE-----